Archive for 'CCIE Security' Category

CCIE Security Lab Blueprint, Please read

By admin - Last updated: Monday, January 4, 2010

CCIE Security Lab Blueprint, Please read. Firewall, PIX and ASA Firewall, Basic Initialization, Access Management, Address Translation, ACLs, IP Routing, Object Groups, VLANs, AAA, VPNs, Filtering, Failover, Layer 2 Transparent Firewall, Security Contexts (Virtual F...

Easy VPN Combined with VRF Lite

By admin - Last updated: Monday, March 9, 2009

Although the CCIE Security lab still has old IOS 12.2T installed on all routers, it's more convenient to discuss ezVPN technology using the approach prompted by recent IOS releases. Specifically, for our purposes we will utilize the feature known as V...

Using GNS3 to Help Master the PIX/ASA - Basic Setup and the First Emulation

By admin - Last updated: Monday, March 9, 2009

Hello all. I have had some peers ask me for help in getting up and running quickly with GNS3 to help master the PIX/ASA.
Here is my step-by-step on that.
I am installing on the following system:

Alienware

Windows Vista Home P...

QoS on the PIX/ASA - Part 1: What Tools are Available?

By admin - Last updated: Monday, March 9, 2009

This blog is focusing on QoS on the PIX/ASA and is based on 7.2 code to be consistent with the CCIE Security Lab Exam as of the date of this post. I will create a later blog regarding new features to 8.X code for all of you non-exam biased readers

IP Routing on the PIX/ASA

By admin - Last updated: Monday, March 9, 2009

This post was created using GNS3 and follows what I thought was some of the most lab and real-world relevant content from the Cisco ASA documentation in the area of IP Routing:
http://www.cisco.com/en/US/docs/security/asa/asa72/configura...

Transparent Mode Firewall Guidelines

By admin - Last updated: Sunday, March 8, 2009

As I am sure you have already seen from the blog on setting up the security device as a Layer 2 device, there are many interesting changes that occur on a PIX or ASA when configured for transparent operations. This blog highlights the major changes an...

Transparent Firewall - Things That Go Bump on the Wire!

By admin - Last updated: Sunday, March 8, 2009

This blog will examine the basic setup of the transparent firewall feature available with the PIX and the ASA. This blog was based on the PIX-525 running 7.2(4) code with a Restricted license in GNS3. Here is the topology that was used:

Remembe...

QoS on the PIX/ASA - Part 4: Traffic Shaping and Traffic Policing

By admin - Last updated: Sunday, March 8, 2009

In this final part of our blog series on QoS with the PIX/ASA, we examine the remaining two tools that we find on some devices - traffic shaping and traffic policing.
Traffic Shaping
Traffic shaping on the security appliance allows the dev...

CCIE Security 2.X Verification Commands “Cheat Sheet”

By admin - Last updated: Saturday, March 7, 2009

Thanks to Anisha with Cisco Systems for this idea. We were in Brian McGahan’s CCIE Security 5 Day Bootcamp, and she realized it would be nice to have a Quick Ref of his troubleshooting/verification commands. There are a bazillion shows and debugs...

Binary Math - Part I

By admin - Last updated: Thursday, February 12, 2009

As CCIE candidates, we are asked to do all sorts of things with access lists. We have them in lots of different places, and use them in lots of different ways. So many, sometimes, that it becomes very confusing to follow things!
Access-lists t...