Tag Archives: ASA

SFR Install
Thursday / Nov 29, 2018 /

Re-image Cisco ASA Firepower module SFR

Ziaul / ASA, Firepower, Network Security /

Re-imaging the SFR module on an ASA sets everything to factory default. Normally, it's done when something has gone horribly wrong or the module is not behaving correctly, i.e. FMC cannot contact the module after ticking all the boxes. All upgrades to SFR should be performed using FMC or other […]

Firepower-FMC
Wednesday / Nov 28, 2018 /

Configuring Cisco NGIPS – ASA with Firepower and FMC

Ziaul / ASA, Firepower, Network Security /

Cisco Firepower Management Center (FMC): Cisco Firepower Management Center (formerly FireSIGHT Management Center) is the administrative nerve center for Cisco security products running on a number of different platforms. It provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Management Center is the centralised point for […]

Firewall-Security
Monday / Nov 19, 2018 /

Harden Cisco ASA Firewall – Best Practice

Ziaul / ASA, Network Security /

Cisco ASA is a security device that combines firewall, intrusion prevention, virtual private network (VPN) capabilities, and other security features. It provides proactive threat defense that stops attacks before they spread through the network. It is used as a security solution for both small and large networks. Below are the config snippets that can be […]

AnyConnect
Thursday / Aug 02, 2018 /

Importing SSL Key and Certificate on ASA for Anyconnect – CLI

Ziaul / Network Security, VPN /

Below are the steps to successfully import and use a third-party SSL certificate on ASA for Clientless SSLVPN and AnyConnect client connections. It's fairly simple when the key is generated and the CSR requested from the ASA, and then the third-party certificate is imported. The steps below focus on the situation where the certificate already exists […]

SNMPv3
Tuesday / May 29, 2018 /

Config snippet – SNMPv3 IOS, ASA

Ziaul / Cisco /

SNMPv3 IOS
! All OID read only
!
ip access-list standard MONITORING_SVRS
 permit x.x.x.x x.x.x.x
 permit x.x.x.x x.x.x.x
 deny any log
 exit
!
snmp-server group MONITORING-READ v3 priv
!
snmp-server user xxxx MONITORING-READ v3 auth sha ABCDABCD priv aes 128 WXYZWXYZ access MONITORING_SVRS
!
end
! Restricted OID read only
!
ip access-list standard MONITORING_SVRS […]

VPN_Preempt
Thursday / Jan 11, 2018 /

Cisco ASA VPN failover & Preempt

Ziaul / ASA, Cisco, VPN /

Where VPN failover on the same encryption domain and the preempt feature are both needed, the following solution can be used. This is done using an EEM script and is supported from IOS 9.2+. The Embedded Event Manager (EEM) feature enables debugging problems and provides general-purpose logging for troubleshooting. The EEM responds to events in the […]
