Archive for 'Security' Category
The configuration of Cisco remote-access VPN (Easy VPN)
The general flowchart of the configuration:
Configuration:
version 12.3
hostname 26_2
!
enable secret 5 $1$nGGG$pyIANu7.xaKKQXVPqq.Dh1
!
! Define the local database
username cisco password 0 cisco
...
The configuration of DMVPN
HUB Router Configuration
r1#sh ru
hostname r1
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco1234 address 0.0.0.0 0.0.0.0
!
crypto ipsec transform...
Remote Access VPN with PIX(PPTP)
The basic interface configuration:
pix(config)#interface eth0 auto
pix(config)#interface eth1 auto
pix(config)#nameif eth0 outside security0
pix(config)#nameif eth1 inside security100
pix(config)#ip address outside 218.1....
Redundancy VPN
ã€Lab Topology】
ã€Lab Object】
Technical characteristics:
1. Achieve VPN redundance by using Cisco HSRP technology.
2. Be able to achieve VPN rapid switching.
3. The connected client is transparent...
DMVPN
ã€Lab Topology】
ã€Lab Object】
Technical characteristics:
1. Cisco provides a VPN resolution between multiple sites.
2. For common VPN, a client site communicates with other sites through central site or...
Port to Application Mapping & URL Filtering
ã€Lab Topology】
ã€Lab Process】 Continue Lab3 to configure 1. URLFiltering: GW(config)#ip inspect name CBAC http java-list 2 urlfilter GW(config)#ip urlfilter audit-trail GW(config)#ip urlfilter server vendor websen...
Context-Based Access Control
ã€Lab Topology】
ã€Lab Object】 Technical characteristics: 1. Traffic filtering CBAC checks not only the information of the network layer and the transport layer but also the information of the application layer. It can a...
Cisco Secure Firewall Services Module FWSM (2009) free download
How This Book Is Organized This book is organized into five sections that cover the basic introduction of firewalls, initial and advanced configurations, design guides and configuration examples, and features and functionality introduced in FWSM vers...
Understanding IOS Local AAA
IOS Local AAA is one feature that is often overlooked for some reason. It allows turning your router into almost full-functional AAA server, allowing not only local authentication of remote VPN users but also local authorization for protocols like PPP...
VPLS
Let’s say you get a bunch of inexpensive (but a bit outdated) routers (36XX or 72Xx) and some really nice (maybe not so cheap) Cisco switches (e.g. 3550/3560) and you would like to provide a VPLS-like service to your customers. Since VPLS is a ...