CCIE Security Workbook

Section 01: Cisco ASA Firewalls

Section 1: Implement secure networks using Cisco ASA Firewalls


Lab1: Perform basic firewall Initialization

Configure firewall in single context:

Task 1: Configure firewall with following parameters
Hostname ASA1
1. Enable Password Cisco123
2. Domain-name cisco.com
3. Telnet password 123Cisco
4. You may allow any ICMP traffic anywhere in ASA
5. Make sure no device can ping ASA outside interface except R3 IP address 201.1.1.3
6. Configure interface with following parameters

Interface        Name      Type       Security Level   IP Address        VLAN
Ethernet0/0      Outside   Physical   0                201.1.1.10/24     -
Ethernet0/1      Inside    Physical   100              10.1.1.10/24      -
Ethernet0/2.40   DMZ40     Logical    40               10.40.40.10/24    40
Ethernet0/2.50   DMZ50     Logical    50               10.50.50.10/24    50

Use exact names and numbers as shown in the table

Task 2: Configure Routing on ASA

Interface   Network ID       Routing Protocol   Area
Outside     20.1.1.0/24      OSPF               0
Inside      10.1.1.0/24      RIPv2              -
DMZ40       10.40.40.0/24    RIPv2              -
DMZ50       10.50.50.0/24    OSPF               0

1. Run routing protocols on ASA
2. Configure bi-directional redistribution
3. Make sure R2, R3 and R4 can ping R1 Loopback from their Loopbacks

Configure Firewall in Multi-context:

Task 1: Multi-Contexts
1. Convert firewall to multi-mode
2. Use context names C1 and C2; context names are case-sensitive
3. Interface configuration of C1 and C2 is shown in the diagram

Admin Context initialization details:

Interface     Name   Type       Security Level   IP address    VLAN
Ethernet0/4   Man    Physical   100              1.1.1.1/24    -

Context C1 initialization details:

Interface        Name      Type       Security level   IP address         VLAN
Ethernet0/1      Inside    Physical   100              192.168.1.10/24    -
Ethernet0/2      DMZ       Physical   50               172.16.2.10/24     -
Ethernet0/0.30   Outside   Logical    0                201.1.1.10/24      30

Context C2 initialization details:

Interface        Name      Type      Security level   IP address         VLAN
Ethernet0/0.40   Inside    Logical   100              192.168.4.10/24    40
Ethernet0/0.30   Outside   Logical   0                201.1.1.20/24      30

Ethernet0/0.30 is shared between contexts.
Configure Switch to achieve this configuration.
Use all other parameters as appropriate.

Task 2: Configure Routing on ASA
1. Don't use default route; use static routes as appropriate in C1 and C2
2. Verify your configuration by running following ping commands from R3
   Ping 192.168.2.2 source Loopback 3
   Ping 192.168.4.4 source Loopback 3
   Ping 10.44.44.4 source Loopback 3
   Ping 192.168.1.1 should not pass through (Don't use ACL)
3. Inside interface should only be used to carry management traffic
4. Test PC is placed behind R4; configure Test PC with appropriate default gateway and then access R2 for https management. R4 is pre-configured for https management access; use all other parameters as appropriate to accomplish this task. Test your configuration using IE from Test PC.
