Cisco ASA Redundant Interface Configuration

In addition to device-level failover, you can also configure interface redundancy on the same chassis of a Cisco ASA firewall. Basically you create a logical interface pair bundle (called “interface redundant”) in which you include two physical interfaces. If one of the interfaces fails, the second one in the redundancy pair takes over […]

Cisco CCNA Security Certification

As information security threats explode, network security certifications are getting more and more attention and demand. The Cisco CCNA Security Certification is an excellent choice for a network professional starting out, since enterprises have started to seek professionals with security skills. The Cisco CCNA Security also leads to two other popular and hot certifications, the […]

Cisco Firewall Service Module – FWSM

The Cisco Firewall Service Module (FWSM) is a module card installed on 6500 switches or 7600 routers and is based on the Cisco PIX/ASA security software. It integrates security services in the popular 6500/7600 network devices, providing one of the fastest firewall data rates in the industry. With 5 Gbps firewall throughput per module, and […]

Password Recovery for the Cisco ASA 5500 Firewall

If you have lost the administrator password to access the security appliance, you can recover the password with the following steps: Step 1: Connect to the firewall using a console cable. Step 2: Power cycle the appliance (power off and then on). Step 3: Press the Escape key to enter ROMMON mode. Step 4: Use confreg command to change […]

Access To Hosts from Outside a Cisco ASA

Question: Hello, I want to enable access to a server on IP address 192.168.100.30 on port 22, located on the inside interface, from the internet (outside). We have ASA 5520 Cisco Adaptive Security Appliance Software Version 8.0(2). My config (only relevant lines): interface GigabitEthernet0/0 nameif Outside security-level 0 ip address 172.146.147.13 255.255.255.248 standby 172.146.147.12 ! interface GigabitEthernet0/1 nameif […]

Permitting traffic to enter and exit the same interface

With the older Cisco PIX firewall appliances, there was no way for traffic to enter a specific interface and then exit back from the same interface again. With the new Cisco ASA models, this is also not supported by default, but you can enable this functionality with the same-security-traffic permit intra-interface command. The schematic above […]

NAT Question for Cisco ASA 5505

QUESTION: I am configuring a Cisco ASA5505 with DMZ. I have local LAN 192.168.103/24 and DMZ 10.103.1.0/24. I am able to connect from LAN to DMZ using 10.103.1.0/24 address but not the other way around. I can add either a static or dynamic NAT for this. I’m not sure how to configure the NAT to […]