Popular Posts
Live Tweets
- New article--GNS3 Tabbed Terminal Window in Mac OSX. packetu.com/2012/05/15/gns… 3 days ago
- New PacketU article, Multiple Protocols Over IPSec -- packetu.com/2012/05/08/mul… 1 week ago
- RT @KendrickColeman: I hope that kendrickcoleman.com being shut down isn't a bad omen for things to come at Derby... 1 week ago
- My 13 yr old son playing Skillet-Whispers in the Dark-at the school concert youtube.com/watch?v=_ZNyy8… 2 weeks ago
- Into networking in the datacenter? I recommend --... fb.me/1Cyu9nWB7 2 weeks ago
-
Recent Posts
Recent Comments
Author Archives: Paul Stewart, CCIE 26009 (Security)
How to Implement Priority Queuing on the ASA
Last week, I wrote about one of the typical scenarios that we run into with ASA implementation. As described here, that scenario is one in which the ASA can transmit traffic at 100Mb/s (or 1000Mb/s), but our service provider dropped … Continue reading
QoS Challenges with VPNs
Something that comes up regularly are questions regarding QoS on VPN’s. There are several challenges related to QoS in the typical Internet connected environments that I come in contact with. These challenges are not really a result of the VPN … Continue reading
Changes Required for AnyConnect in 8.4
A few days ago I wrote an article that explained the configuration steps required to implement a basic AnyConnect environment. That article was based on a pre-8.3 version of the ASA OS. Many organizations are starting to implement ASA 8.4 … Continue reading
ASA DSCP Preservation with IPSec
Cisco documents a feature called “DSCP Preservation” in regards to ToS Byte handling on the ASA. This basically means that the ToS Byte is left in tact as packets flow through the firewall. But what happens to the ToS Byte … Continue reading
15 Top Paying IT Certifications–Not Really
Today, I received a newsletter from Global Knowledge. The first article listed was “15 Top Paying IT Certifications for 2012“. I wanted to pose an interpretation to this article. It is not the certifications that are valuable, but what those … Continue reading
Posted in career
Leave a comment
Getting Started with Cisco Anyconnect
For the last few years, Cisco has been attempting to do away with what they call the Cisco EZVPN client. This has been the solution used by many corporate users in the mobile workforce for secure access to enterprise data. … Continue reading
CCIE Routing and Switching Written Exam Resources
Last week I took and passed the CCIE Routing and Switching Written exam (350-001). The first and foremost reason for taking this exam was to re-certify my current CCIE Security certification. Cisco requires any CCIE level written exam to be … Continue reading
The Future of the OSI Model
The OSI model is that thing that everyone seems to love to hate. The OSI is actually just a model that has its roots in the International Organization for Standardization. We’ve all had disagreements how certain protocols map to certain … Continue reading
Posted in Uncategorized
Leave a comment
Migrating ASA NAT Exemption Configuration
NAT exemptions are often required when a single ASA appliance is performing NAT and terminating VPN connections. In ASA configurations prior to 8.3 and 8.4, NAT exemptions were configured with “nat 0 access-list <acl name>” and a related access-list.
ASA L2L VPN Spoke to Spoke Communication
It seems like some of the more challenging things to do on an ASA involve some sort of traffic being redirected out the same interface it was received on. This article addresses the requirement for spoke to hub to spoke … Continue reading
No SSH After Upgrading to 8.4
There are several changes when an ASA is upgraded from 8.2 to 8.4(2). The most notable of these are the ones dealing with the syntax of the NAT configuration. However, there is another gotcha that you might not be expecting. SSH will … Continue reading
Typical NAT/PAT Configuration Comparison for ASA 8.4
A little while back, I posted an article that took a very simple ASA configuration and migrated it to 8.4. This article takes it a step further and focuses on NAT and PAT, as well as the related access control … Continue reading
