Study Notes – Basic Multi-Context ASA Setup

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. ASA security contexts allow a firewall to be logically provisioned into multiple smaller firewalls, with interfaces physically allocated to each logical box. Contexts can…

Study Notes – ASA Active/Standby Failover With LAN and STATE Links

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. In this setup there is no value in configuring the secondary ASA with anything other than minimum config…

Study Notes – Transparent ASA

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. Transparent ASA notes: Bump-in-the-wire deployment, no need to change layer 3 topology to insert security control. BPDUs and ARP are allowed by default. IP traffic is enabled for inspection by…

Study Notes – FlexVPN Spoke-to-Spoke (PSK Auth)

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. To configure FlexVPN and allow dynamic Spoke to Spoke tunnels, we need to do a few things differently from the Hub and Spoke…

Study Notes – FlexVPN Hub and Spoke with Negotiated Tunnels and PSK Auth

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. Building on sVTI/dVTI, FlexVPN allows for hub and spoke or dynamic spoke-to-spoke WAN mesh/partial mesh while also supporting the ability to…

Study Notes – IKEv2 sVTI/dVTI Point-to-Point VPN

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. In a typical sVTI or GREoIPSec point-to-point VPN tunnel, we generally know the external/initiating identity IP of each peer router, and we can configure…

Study Notes – IKEv2 DMVPN with RSA-Sig Auth and fVRF

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. R1 DMVPN Hub and CA: start by creating the basic fvrf underlay and ivrf (default/global) interfaces. int…

Study Notes – Basic IKEv2 Route-Based VPN using sVTI on IOS

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. We configure this the same way as policy-based VPN, except instead of a crypto map we apply an IPSec profile, just…

Study Notes – Basic IKEv2 Policy-Based VPN Config on IOS

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. With IKEv2 we gain some scalability benefits along with other security features like PRF and anti-replay. Aside from the Phase 1 config…

Study Notes – VRF-Aware Policy-Based IKEv1 VPN

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. In this topology we have two VRFs, custa and custb, with duplicate IP space and a policy-based tunnel spun up dynamically to encrypt traffic…