Understanding the Cisco ASA Firewall

Understanding the Cisco ASA Firewall

by Jimmy Larsson
Released September 2016
Publisher(s): Infinite Skills
ISBN: 9781491969649

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

This is a best practices course on how to set-up, manage, and troubleshoot firewalls and VPNs using the Cisco ASA (Adaptive Security Appliance). Drawing on his 15 years of experience implementing Cisco firewalls, instructor Jimmy Larsson shows you the actual hands-on commands and configurations he uses in real life situations.

The course is targeted at first time Cisco ASA users and those with some ASA experience looking to fill the gaps in their knowledge. Larsson recommends that learners have access to a Cisco firewall in order to practice the methods covered in the course.

  • Gain the practical knowledge required to set-up and manage Cisco firewalls and VPNs
  • Explore ASA hardware models, CLI basics, and core firewall configuration practices
  • Acquire a thorough understanding of how network address translation works
  • Learn basic and advanced methods for configuring the AnyConnect client VPN solution
  • Discover how to configure, manage, and troubleshoot site-to-site VPN tunnels
  • Understand packet capture and how to use troubleshooting tools like Packet Tracer
  • Get exposed to advanced methods for enhancing firewall functionality
Jimmy Larsson runs Secyourity AB, a network security company focused on Cisco-based security products and solutions. He's been in IT since 1990 working for companies such as ATEA and LAN Assistans. He's certified in Cisco CCNA Routing & Switching, CCNA Security, CCNP Routing & Switching, CCNP Security, Check Point CCSE, and ISC2 CISSP in Information Security.

Table of contents

  1. Introduction
    1. Welcome To The Course
    2. About The Author
  2. Introduction To The Firewall
    1. ASA Hardware Models
    2. CLI Basics Part - 1
    3. CLI Basics Part - 2
  3. Basic Configuration
    1. Interface Configuration
    2. 5505 Switchports
    3. Security Levels
    4. Same Security Level
    5. The Course Lab Environment
    6. Implementing Access Lists Part - 1
    7. Implementing Access Lists Part - 2
    8. Introduction To NAT
    9. Fixup Protocol ICMP
    10. Management Access Part - 1
    11. Management Access Part - 2
    12. Firewall Local DHCP Server
    13. A Basic Firewall Configuration Part - 1
    14. A Basic Firewall Configuration Part - 2
    15. An Introduction To ASDM Part - 1
    16. An Introduction To ASDM Part - 2
  4. Network Address Translation In Depth
    1. Network Address Translation Part - 1
    2. Network Address Translation Part - 2
    3. Network Address Translation Part - 3
    4. Network Address Translation Part - 4
    5. NAT And Access Lists
  5. Anyconnect Client VPN Setup
    1. Two Types Of VPN Connections
    2. Two Types Of VPN Clients
    3. SSL Certificates Part - 1
    4. SSL Certificates Part - 2
    5. Download Anyconnect Files From Cisco
    6. Upload .Pkg Files To ASA
    7. Default Licenses In ASA
    8. Configuring The .Pkg-Files To Use
    9. Activating Anyconnect (Enabling)
    10. Logging And Debugging Anyconnect
    11. Connecting But No Traffic Flow
    12. Fix NAT To Make It Work
    13. Internet Access Via The Tunnel
    14. Split Tunneling
    15. Making The User Select Connection Profile
    16. VPN Filter
    17. Client Profile Editor
    18. LDAP Authentication Of Users
    19. Dynamic Access Policies Part - 1
    20. Dynamic Access Policies Part - 2
  6. IPSEC VPN
    1. The Life Of An IPSEC-Tunnel
    2. Information Needed
    3. Configuring Phase 1 Parameters
    4. Configuring Phase 2 Parameters
    5. Proxy ACL And Crypto Map Configuration
    6. Finalising The VPN Configuration
    7. Testing The Tunnel
    8. Modifying NAT To Make The Tunnel Work
  7. Troubleshooting Tools
    1. Logging And Debugging
    2. Packet Tracer
    3. Packet Capture
  8. Advanced Topics
    1. Transparent Mode
    2. Multi Context
    3. Failover
    4. Trunks And Etherchannels
  9. Conclusion
    1. Wrap Up And Thank You

Product information

  • Title: Understanding the Cisco ASA Firewall
  • Author(s): Jimmy Larsson
  • Release date: September 2016
  • Publisher(s): Infinite Skills
  • ISBN: 9781491969649