This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !————————————! ! ASA Active/Standby Failover With ! ! LAN and STATE Links ! !————————————! ! !in this setup there is no value in configuring the secondary ASA with anything other than minimum config…… Continue reading Study Notes – ASA Active/Standby Failover With LAN and STATE Links
Tag: config
Study Notes – Transparent ASA
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. Transparent ASA Notes Bump in the wire deployment, no need to change layer 3 topology to insert security control BPDUs and ARP are allowed by default IP traffic is enabled for inspection by…… Continue reading Study Notes – Transparent ASA
Study Notes – Basic IKEv2 Policy-Based VPN Config on IOS
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————————————-! ! Basic IKEv2 Policy-based VPN on IOS ! !——————————————-! ! !with IKEv2 we gain some scalability benefits along with other security features like PRF and anti-replay !aside from the Phase 1 config…… Continue reading Study Notes – Basic IKEv2 Policy-Based VPN Config on IOS
Study Notes – VRF-Aware Policy-Based IKEv1 VPN
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————————————–! ! VRF-Aware Policy-Based IKEv1 VPN ! !—————————————–! ! !In this topology we have two VRFs, custa and custb, with duplicate IP space and a policy-based tunnel spun up dynamically to encrypt traffic…… Continue reading Study Notes – VRF-Aware Policy-Based IKEv1 VPN
Study Notes – Dual-Hub DMVPN Phase 1-3 w/ IPSec
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————–! ! DMVPN Phase I ! !—————–! ! Hub (R1) ! !—————–! ! ! cry isakmp policy 5 hash sha256 authen pre-share group 19 encry aes 256 ! cry isakmp key P@ssw0rd! address…… Continue reading Study Notes – Dual-Hub DMVPN Phase 1-3 w/ IPSec
Study Notes – Basic IOS CA Server Configuration and Use in IKEv1/ISAKMP VPN
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !————————————–! ! IOS CA Setup for IKEv1 VPN Auth ! !————————————–! ! CA Router (DMVPN Hub, usually) ! !————————————–! ! crypto key generate rsa modulus 2048 label Hub-CA-Keys ! ip http server !…… Continue reading Study Notes – Basic IOS CA Server Configuration and Use in IKEv1/ISAKMP VPN
Study Notes – Converting DMVPN Phase 1 to Phase 2 and 3
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————–! ! Phase 2 DMVPN ! !——————–! ! HUB ! !——————–! !once Phase 1 is completely up and running, implement the following !change on the hub to allow spoke-to-spoke data plane forwarding !…… Continue reading Study Notes – Converting DMVPN Phase 1 to Phase 2 and 3
CCIE #TBD 