Category Archive: Security

Jun 04

ASA 8.4 Upgrade Path – 8.2 to ASA 8.4 with Zero Downtime

This post details the process that I followed for ASA 8.4 Upgrade  Path – 8.2(0) to ASA 8.4(4) with Zero Downtime. The units are in Active-Failover configuration. The process was done in stages, first was to upgrade the memory module second was to upgrade the software on the device. This process worked for me and …

Continue reading »

May 09

Cisco ASA 8.4 Migration – Test it first on GNS3

This post details how to test Cisco ASA 8.4 migration on GNS3 such that you know in advance how its going to effect your existing configuration(Pre 8.3).  To do this you will have to first follow the following post which will get you an ASA working and is connected to its host machine.

http://www.xerunetworks.com/2012/03/asa-84-asdm-on-gns3-step-by-step-guide/

Continue reading »

Mar 23

ASA 8.4 Site to Site IPSec VPN – Hairpinning

This post details how to setup Site to Site VPN with ASA 8.4 and hairpinning enabled. This would mean that remote site can not only get access to networks on Main Site but can also access the internet through this site.  This Lab is built on the previous lab however instead of allowing only particular …

Continue reading »

Mar 18

Connect GNS3 Network to Real Networks / Other GNS3 Network

This posts details how to connect GNS3 network to real networks. you can use this post for various scenarios, in fact whatever you can think of. So, say for example you have a physical router connected to your home network and you want to configure VPN between your router and  ASA (or any other device) …

Continue reading »

Mar 15

Cisco MDS 9000 Series AAA Configuration

Here is a sample for Cisco MDS 9000 Series AAA Configuration. There are two parts of it, one is to config ACS Server and Second is to configure the Switch itself. First I am detailing the switch configuration and then the ACS Config.

 

Switch Configuration

We need some basic knowledge of the setup before …

Continue reading »

Mar 15

Cisco MDS 9000 Key Mismatch Error for SAN-OS Version 3.1 – AAA Config

Though 3.1 is quite old version but still maybe in use on Fabric Switches somewhere on your network. While configuring AAA on these switches you specify Shared Secret key which matches with what you had configured on your ACS / Radius Server. The product documentation states that you can any secret key within certain length …

Continue reading »

Mar 13

ASA 8.3 / 8.4 Double NAT / Source Destination NAT Migration Lab Guide – Lab 1.4

Main Post http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/

This lab is part of the series of LAB which details how migrate NAT configurations from Pre ASA 8.2 version to ASA 8.3/8.4

Lab1.3 Setup

Double NAT/Source Destination NAT

We will start with a fresh LAB, not building on what we had before because the old config/topology was getting too …

Continue reading »

Mar 06

ASA 8.3/8.4 NAT Migration Lab Guide – Lab 1.3

Main Post http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/

This lab is part of the series of LAB which details how migrate NAT configurations from Pre ASA 8.2 version to ASA 8.3/8.4 Lab1.3 Setup

Static NAT, Static Policy NAT, Staic NAT with Port Translation, Many to Many Static NAT

Building on what we had before (Lab 1.2) lets add few …

Continue reading »

Mar 06

ASA 8.3/8.4 NAT Migration Lab Guide – Lab 1.2

Main Post

http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/

This lab is part of the series of LAB which details how migrate NAT configurations from Pre ASA 8.2 version to ASA 8.3/8.4

Lab1.2 Setup

 

Dynamic NAT/PAT, Dynamic NAT/PAT Interface Overload, Dynamic Policy NAT/PAT Combined

Building on what we had before lets add few more subnets to the ISP router. …

Continue reading »

Mar 06

ASA 8.3/8.4 NAT Migration Lab Guide – Lab 1.1

Main Post

http://www.xerunetworks.com/2012/03/asa-8384-nat-migration-lab-guide/

This lab is part of the series of LAB which details how migrate NAT configurations from Pre ASA 8.2 version to ASA 8.3/8.4 Lab1.1 Setup

Dynamic Policy NAT / PAT

Building on what we had before lets add one more router to the picture and consider this as …

Continue reading »

Older posts «