Profiling Wired Endpoints without 802.1x or MAB using IBNS2.0

One of the first steps to designing and deploying ISE (or any NAC solution) is to gain visibility and understand what is actually out there connecting to your network, so you can design your policy and understand the impact of enacting it. For some types of endpoints, this is relatively easy (i.e. Windows laptops), but for……

Study Notes – IOS Zone-Based Firewall

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. ZBFW troubleshooting – https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/117721-technote-iosfirewall-00.html Note about self-zone – https://community.cisco.com/t5/security-knowledge-base/zbfw-self-zone-integration/ta-p/3154572 !—————————–! ! IOS Zone-based Firewall ! !—————————–! ! ! Let's configure a ZBFW with the following arbitrary requirements: ! !1. all inside hosts must……

Study Notes – IKEv1 Tunnel Through an ASA with NAT-Traversal

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————————! ! IKEv1 tunnel Through ! ! an ASA with NAT-T ! !—————————! ! !here we will configure a basic GREoIPSec tunnel between two routers through an ASA, but one of the routers……

Study Notes – IOS-to-IOS VPN Through an ASA

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————! ! IOS Router VPN through an ASA ! !———————————! ! !in this setup we will configure an IOS to IOS VPN which must pass THROUGH an ASA without NAT, where we need……

Study Notes – ASA to IOS IKEv2 Policy-based VPN with Manual NAT Exemption

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv2 VPN between ASA and IOS ! ! With Manual NAT Exemption ! !———————————————-! ! !in this setup we will stand up an IKEv2 based tunnel between an ASA and……

Study Notes – ASA to IOS Policy-Based IKEv1 VPN with Manual NAT Exemption

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv1 VPN between ASA and IOS ! ! With Manual NAT Exemption ! !———————————————-! ! !in this setup we will stand up an IKEv1 based tunnel between an ASA and……

Study Notes – Basic ASA to IOS IKEv1 Policy-Based VPN

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv1 VPN between ASA and IOS ! !———————————————-! ! !in this setup we will stand up an IKEv1 based tunnel between an ASA and an IOS router based on interesting……

Study Notes – Basic Active-Active ASA HA Pair Config

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————————————! ! Basic Active-Active ASA HA Pair Config ! !——————————————! ! !we can take the concept of Active/Standby hardware HA as well as multiple contexts and create, effectively, multiple logical HA pairs where……

Study Notes – Basic Multi-Context ASA Setup

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————————–! ! Basic Multi-Context ASA Setup ! !——————————–! ! !ASA Security contexts allow a firewall to be logically provisioned into multiple smaller firewalls, with interfaces physically allocated to each logical box. contexts can……

Study Notes – ASA Active/Standby Failover With LAN and STATE Links

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !————————————! ! ASA Active/Standby Failover With ! ! LAN and STATE Links ! !————————————! ! !in this setup there is no value in configuring the secondary ASA with anything other than minimum config……