Archive for 'PIX-ASA Firewall' Category
Remote Access VPN with PIX(PPTP)
The basic interface configuration:
pix(config)#interface eth0 auto
pix(config)#interface eth1 auto
pix(config)#nameif eth0 outside security0
pix(config)#nameif eth1 inside security100
pix(config)#ip address outside 218.1....
Using GNS3 to Help Master the PIX/ASA - Basic Setup and the First Emulation
Hello all. I have had some peers ask me for help in getting up and running quickly with GNS3 to help master the PIX/ASA.
Here is my step-by-step on that.
I am installing on the following system:
Alienware
Windows Vista Home P...
QoS on the PIX/ASA - Part 1:What Tools are Available?
This blog is focusing on QoS on the PIX/ASA and is based on 7.2 code to be consistent with the CCIE Security Lab Exam as of the date of this post.?I will create a later blog regarding new features to 8.X code for all of you non-exam biased readers
IP Routing on the PIX/ASA
This post was created using GNS3 and follows what I thought was some of the most lab and real-world relevant content from the Cisco ASA documentation in the area of IP Routing:
?
http://www.cisco.com/en/US/docs/security/asa/asa72/configura...
Transparent Mode Firewall Guidelines
As I am sure you have already seen from the blog on setting up the security device as a Layer 2 device, there are many interesting changes that occur on a PIX or ASA when configured for transparent operations. This blog highlights the major changes an...
Transparent Firewall - Things That Go Bump on the Wire!
This blog will examine the basic setup of the transparent firewall feature available with the PIX and the ASA. This blog was based on the PIX-525 running 7.2(4) code with a Restricted license in GNS3. Here is the topology that was used:
Remembe...
QoS on the PIX/ASA - Part 4:Traffic Shaping and Traffic Policing
In this final part of our blog series on QoS with the PIX/ASA, we examine the remaining two tools that we find on some devices - traffic shaping and traffic policing.
Traffic Shaping
Traffic shaping on the security appliance allows the dev...
CCIE Security 2.X Verification Commands “Cheat Sheet”
Thanks to Anisha with Cisco Systems for this idea. We were in Brian McGahan’s CCIE Security 5 Day Bootcamp, and she realized it would be nice to have a Quick Ref of his troubleshooting/verification commands. There is a bazillion shows and debugs...
QoS on the PIX/ASA - Part 3:Priority Queuing
The security appliance supports two kinds of priority queuing - standard priority queuing and hierarchical priority queuing. Let’s configure each in this third part of our blog.
Standard Priority Queuing
This queuing approach allows...
QoS on the PIX/ASA - Part 2:The Modular Policy Framework
How do you apply most of your QoS mechanisms on a Cisco router? You use the Modular Quality of Service Command Line Interface (MQC). The approach is similar on the PIX/ASA, but the tool does feature some important differences. Also, Cisco has renamed ...