Profiling Wired Endpoints without 802.1x or MAB using IBNS2.0

One of the first steps to designing and deploying ISE (or any NAC solution) is to gain visibility and understand what is actually out there connecting to your network, so you can design your policy and understand the impact of enacting it. For some types of endpoints, this is relatively easy (e.g. Windows laptops), but for…

Study Notes – DHCP Server, Relay, and Snooping

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————————–! ! IOS DHCP server, Relay Agent ! ! and DHCP Snooping ! !——————————–! ! !In this topology we will configure R5 to act as a DHCP server for two networks: ! 10.10.100.0/24…

Study Notes – IOS Zone-Based Firewall

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. ZBFW troubleshooting – https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/117721-technote-iosfirewall-00.html Note about self-zone – https://community.cisco.com/t5/security-knowledge-base/zbfw-self-zone-integration/ta-p/3154572 !—————————–! ! IOS Zone-based Firewall ! !—————————–! ! ! Let's configure a ZBFW with the following arbitrary requirements: ! !1. all inside hosts must…

Study Notes – IKEv1 Tunnel Through an ASA with NAT-Traversal

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————————! ! IKEv1 tunnel Through ! ! an ASA with NAT-T ! !—————————! ! !here we will configure a basic GREoIPSec tunnel between two routers through an ASA, but one of the routers…

Study Notes – IOS-to-IOS VPN Through an ASA

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————! ! IOS Router VPN through an ASA ! !———————————! ! !in this setup we will configure an IOS to IOS VPN which must pass THROUGH an ASA without NAT, where we need…

Study Notes – ASA to IOS IKEv2 Policy-based VPN with Manual NAT Exemption

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv2 VPN between ASA and IOS ! ! With Manual NAT Exemption ! !———————————————-! ! !in this setup we will stand up an IKEv2 based tunnel between an ASA and…

Study Notes – ASA to IOS Policy-Based IKEv1 VPN with Manual NAT Exemption

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv1 VPN between ASA and IOS ! ! With Manual NAT Exemption ! !———————————————-! ! !in this setup we will stand up an IKEv1 based tunnel between an ASA and…

Study Notes – Basic ASA to IOS IKEv1 Policy-Based VPN

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————————-! ! Policy-based IKEv1 VPN between ASA and IOS ! !———————————————-! ! !in this setup we will stand up an IKEv1 based tunnel between an ASA and an IOS router based on interesting…

Study Notes – FlexVPN Spoke-to-Spoke (PSK Auth)

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————————————-! ! FlexVPN PSK Spoke-to-Spoke (PSK Auth) ! !—————————————-! ! !To configure FlexVPN and allow dynamic Spoke to Spoke tunnels, we need to do a few things differently from the Hub and Spoke…

Study Notes – FlexVPN Hub and Spoke with Negotiated Tunnels and PSK Auth

This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !————————————————! ! FlexVPN with Negotiated Tunnels and PSK Auth ! !————————————————! ! !building on sVTI/dVTI, FlexVPN allows for hub and spoke or dynamic spoke-to-spoke WAN mesh/partial mesh while also supporting the ability to…