Tag Archives: asa

Don’t Forget about the ASA’s “show conn” Command

I often find myself troubleshooting connections through an ASA. As a firewall, the ASA is often blamed for network connectivity issues. Therefore, we often just want to determine if the issue is upstream or downstream from the firewall. One of … Continue reading

Posted in CCNA Security, Certification, Security, Technology | 5 Comments

Using the Brocade vRouter VPN Capabilities

One of the challenges that must be overcome as servers are migrated to a cloud service provider is the ability to continue to reach all servers and securely communicate with them for various administrative and data transfer needs. NAT can … Continue reading

Posted in Events, Network, Security, Technology | 2 Comments

ASA HTTP Filtering by Domain with Host Headers

One of the questions that regularly comes up with firewalls is how to filter based on domain name. Access Control Lists, or ACLs, are designed to filter based on IP addresses and networks. One of the things that many would … Continue reading

Posted in CCIE Security, Certification, Security, Technology | 4 Comments

Cisco ASA — Minimizing Challenges with VPN and Management Traffic

The ASA appliance is a very popular choice for the branch office environment. It provides flexible security and is a good termination point for a VPN connection back to a headquarters location. One challenge that technicians often run into is … Continue reading

Posted in CCNA Security, Certification, Network, Security, Technology | 1 Comment

Cisco ASA 8.4 VPN — Dealing with Internet Hairpin Traffic

Over the past few months, I have received a few requests regarding hairpin scenarios and the ASA. Earlier, I provided a scenario that deals with hairpinning (also known as U-Turn) traffic between two VPN spokes in a typical ASA environment. In another … Continue reading

Posted in CCIE Security, CCNA Security, Certification, Security, Technology | 2 Comments

Hairpinning VPN and Internet With NAT In ASA 8.2

Over the past few months, I have received a few requests regarding hairpin scenarios and the ASA. Some time back, I provided a scenario that deals with hairpinning (also known as U-Turn) traffic between two VPN spokes in a typical … Continue reading

Posted in CCIE Security, CCNA Security, Certification, Security, Technology | 5 Comments

ASA Guest Network With Limited Inside Access

Several months ago, I published an article called Using an ASA to Establish a Guest Network. While this article covered the simple concept of using a DMZ interface to create a simple Guest Network, it did not address one issue that … Continue reading

Posted in CCIE Security, CCNA Security, Certification, Security, Technology | 9 Comments

The History of the PIX/ASA (TAC Security Podcast)

Anyone who deals with the Cisco ASA on a regular basis understands it is a unique device. Actually it is an evolution that began many years ago and was eventually acquired by Cisco. If you ever wanted to know the … Continue reading

Posted in Blogroll, Security, Technology | Comments Off on The History of the PIX/ASA (TAC Security Podcast)

Span Port on the ASA 5505

There are a few ASA features that are specific to the 5505. This small business version of the Cisco firewall works a little differently than the higher performance models. The ASA 5505 is basically an 8 port switch with the … Continue reading

Posted in Network, Security, Technology | 3 Comments

IP Helper Address on the ASA

In a branch office environment, it is often desirable to backhaul DHCP requests to a centralized DHCP server. DHCP requests are initially sent to a broadcast address and therefore do not typically get forwarded through a router or other layer … Continue reading

Posted in CCIE Security, Certification, Network, Security, Technology | 12 Comments

Classifying IPSec Traffic for Hierarchical Priority Queuing with the ASA

This past weekend I wrote an article that demonstrated the use of hierarchical priority queuing with the ASA. The last example in that article showed that this QoS method works properly with the IPSec encapsulated traffic as well. Today’s article started … Continue reading

Posted in CCIE Security, Certification, Network, Security, Technology | 1 Comment

How to Implement Priority Queuing on the ASA

Last week, I wrote about one of the typical scenarios that we run into with ASA implementation. As described here, that scenario is one in which the ASA can transmit traffic at 100Mb/s (or 1000Mb/s), but our service provider dropped … Continue reading

Posted in Network, Security, Technology | 3 Comments