ក្រុមការងារយើងខ្ញុំនិងខិតខំសិក្សារស្រាវជ្រាវចំនេះដឹងបន្ថែមទៀតសំរាប់លោកអ្នក សូមអរគុណសំរាប់ការគាំទ្រ !
Cisco ASA Firewall Introduction

Cisco ASA Firewall Introduction

10:45:00 PM
1. What is ASA ?
 ASA ( Adaptive Security Appliance ) : is a Cisco firewall appliance used for:
- Firewall ( Stateful Packet Filter )
- IPS ( Inspection & Prevention Service )
- threat Control ( Integrated with IPS-Anti-Malware )
- VPN (IPSec/SSL)





Firewall have 2:
- stateless : filter layer 2,3,4 = ACL = Router
- state full : filter layer 2,3,4...7

Interface speed:
- Ethernet = 10Mb
- Fast Ethernet = 10/100Mb
- Gigabit Ethernet = 100/1000Mb
- Metro Ethernet = 1G -100G = fiber optic

2. ASA Model 

3. ASA License & Features


 4. ASA 5510/20/40 Interface


5. ASA Access Mode


User Mode (UnPrivileged Mode)
Router>enable
Privileged Mode
Router#configure terminal
Global Configuration Mode
Router(config)#interface fastethernet0/0
Interface Configuration Mode
Router(config-if)#>ip address 192.168.1.1 255.255.255.0
6. First Time Configuration

Change Hostname
ASA(config)#hostname ASA
Configure IP Address for LAN Interface
ASA(config)#show interface ip brief
ASA(config)#interface FastEthernet0/1
ASA(config-if)#nameif inside
ASA(config-if)#security-level 100
ASA(config-if)#ip address 192.168.1.1 255.255.255.0
ASA(config-if)#no shut
Configure Console Password
ASA(config)#username admin password 123
ASA(config)#aaa authentication serial console LOCAL
Configure Enable Password (Privileged Mode Password)
ASA(config)#enable password 123
Configure SSH
ASA(config)#username admin password 123
ASA(config)#aaa authentication ssh console LOCAL
ASA(config)#crypto key generate rsa modulus 1024
ASA(config)#ssh 192.168.1.0 255.255.255.0 inside
ASA(config)#ssh 192.168.1.2 255.255.255.255 inside
ASA(config)#ssh timeout 10
ASA(config)#show ssh
Clock configuration
ASA(config)#clock set 01:06:00 26 Apr 2018
ASA(config)#show clock
Show configuration
ASA#show startup-config (NVRAM)
ASA#show running-config (RAM)
Save configuration to NVRAM
ASA#write [memory]
ASA#copy run start
ASA#reload
Remove configuration
ASA(config)#no hostname ASA
ASA(config)#no enable password
ASA(config-if)#no ip address
Remove all saved configuration in NVRAM
ASA#write erase

7. Connect ASA using ASDM

Enable HTTP Server for ASDM
ASA(config)#http server enable
ASA(config)#http 10.0.0.0 255.255.255.0 inside




EmoticonEmoticon

Subscribe to: Post Comments (Atom)