Internet Safety: How to keep your computer safe on the Internet

Here are some things you can, and should, do to stay safe. Stay Up-To-Date – Most virus infections don’t have to happen. Software vulnerabilities that the viruses exploit usually already have patches available by the time the virus reaches a computer. The problem? The user simply failed to install the latest patches and updates that would […]

Creating Client SSL VPN on Cisco ASAs

Introduction: This document describes how to allow remote access VPN connections to the ASA from the Cisco AnyConnect 2.0 client. Prerequisites: Requirements: Ensure that you meet these requirements before you attempt this configuration: * Basic ASA configuration that runs software version 8.0 * ASDM 6.0(2). Components Used: The information in this document is based on these software and hardware […]

ASA 5510 IOS 8.x ASDM firewall dashboard IOS commands

As of 8.x, the ASDM has some excellent features to allow you to track down top talkers and get a better view into your traffic flows, but each of these features (especially the Top 10 Services) uses a good bit of RAM. If you are running a 5510 or smaller, that can cause you to […]

Enable DOS FTP client through ASA

This configuration allows both active mode and pseudo-passive mode connections from the DOS FTP client provided with Windows through a Cisco ASA firewall. It has been tested with ASA code 7.2(3).

!--Enable FTP Passive mode
ftp mode passive
!--Create inspection_default class-map to match the ASA's default inspection traffic
class-map inspection_default
 match default-inspection-traffic
!--Add the 'inspection_default' class to the […]

Cisco PIX/ASA Restrict Foreign & RFC1918 IP Ranges

object-group network APNIC
 network-object
object-group network AFRINIC
 network-object
object-group network LACNIC
 network-object
object-group network RIPE
 network-object […]

Cisco PIX ASA VPN integration Active Directory IAS

Using AD to authenticate VPN users via a PIX or ASA device:

aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host timeout 10
crypto map IPSEC client authentication RADIUS

Create a Client matching the inside IP of the PIX w/ shared secret above. Modify the policy to match a security group […]

Cisco ASA or PIX Packet Capture for Wireshark with PCAP

The administrator needs to create an access-list that defines what traffic the ASA needs to capture. After the access-list is defined, the capture command incorporates the access-list and applies it to an interface.

ciscoasa(config)#access-list inside_test permit icmp any host
inside_test permit icmp host any
ciscoasa(config)#capture inside_interface access-list inside_test interface inside

The user pings the […]