October 19, 2018

Category: Configuration

Cisco :: Configuring Site-to-Site VPN’s on ASA Firewalls

In this video session, I cover how to configure L2L VPN’s on Cisco ASA Firewalls.  I have included the presentation from the video along with the essential configurations used to create a L2L VPN. Configuring Site-to-Site VPN's on ASA Firewalls from Kelvin Charles Configuration Used ***ASAv1*** ASA Version 9.8(3) ! hostname ASAv1 ! interface GigabitEthernet0/0 […]

Learning :: What is a DMZ?

In this video, I discuss what a DMZ is and how they’re typically deployed from an architecture perspective. We also take a look at how to configure a basic DMZ using a Cisco ASA firewall. What is a DMZ? from Kelvin Charles

Cisco :: Manually Add SSH Public Key’s to FXOS Devices

Background In this article, I want to cover the process of adding SSH host key’s to the FXOS chassis’. This process doesn’t seem to be widely documented hence the reason for wanting to capture and share the process. When configuring SSH on a Firepower chassis, you’re given the ability to configure strict host key checking. […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for there to be a redundant pair of firewalls, which allowed for session failover, configuration synchronisation and also maintain different external IPs and seperate BGP peering. A niche request, but something that was supported with FortiGates. Below details some configuration examples to achieve this. Config and Session Sync […]

Cisco :: Upgrade or Reimage Firepower 8300 Sensors?

Recently I was tasked with upgrading some new Firepower 3D8350 sensors which would later be stacked into a 3D8360. These devices were shipped with software version 5.4.0.1 and I had a customer requirement to upgrade the sensors to version 6.2. I would normally stack these devices and upgrade them using the FMC, however, I didn’t […]

CCIE Security v5 :: ICMP Redirects

Today I wanted to share my CCIE Security notes on ICMP redirect messages. ICMP Redirection is used to notify hosts that a better route is available for packets destined for a specific destination. This feature is available and enabled by default on all Cisco IOS releases but it is worth mentioning that there may be […]

Cisco :: Configure ASAv To Use Virtual Serial Ports

In this article, I will demonstrate how to configure the ASAv so that you use a virtual serial port. This article assumes that you have installed the virtual Cisco Adaptive Security Appliance using VMware workstation or it’s equivalent and that you can only access the ASAv CLI via the VMware client. By default, the virtual serial […]

Cisco :: FXOS Authentication Using TACACS

In this article, I will describe how to enable authentication and authorization for Firepower eXtensible Operating System (FXOS) devices. The use case presented in this document illustrates how Cisco Identity Services Engine (ISE) can be utilised with attribute-value pairs (AV-Pairs) to authenticate and authorize users accessing the Firepower Chassis Manager (FCM) or FXOS platforms via […]

Cisco ASA :: Verifying ICMP Reachability on the ASA

If you’re a firewall engineer or work closely with the Cisco ASA then no doubt you will often find yourself troubleshooting and verifying reachability of packets on a network. One great feature that the ASA has to test reachability is the ‘packet-tracer’ command which when given an input will provide you with a very handy […]

Cisco ASA :: Object NAT

In this video demonstration, we take a look at Object NAT and how it can be used to map hosts statically.    
Page 1 of 212 »

Subscribe to SYNACK via Email