Firewall - PowerCram Blog

SonicWALL Memory Leak?

My SonicWALL NSA security appliance seems to have a memory leak. I noticed this a few days ago when I was reviewing long-term usage in my RRDTool (compliments of Cacti) graphs. The daily and weekly graphs looked normal... I restarted the SonicWALL a couple weeks ago at which time the memory utilization reset and looks like […]

Creating Client SSL VPN on Cisco ASAs

Introduction

This document describes how to allow remote access VPN connections to the ASA from the Cisco AnyConnect 2.0 client.

Prerequisites

Requirements

Ensure that you meet these requirements before you attempt this configuration:

* Basic ASA configuration that runs software version 8.0
* ASDM 6.0(2)

Components Used

The information in this document is based on these software and hardware versions:

* Cisco […]

Enable DOS FTP client through ASA

This configuration allows both active mode and pseudo-passive mode connections from the DOS FTP client provided with Windows on a Cisco ASA firewall. It has been tested with ASA code 7.2(3).

!--Enable FTP Passive mode
ftp mode passive

!--Create inspection_default class-map to match the ASA's default inspection traffic
class-map inspection_default
 match default-inspection-traffic

!--Add the 'inspection_default' class to the global_policy w/ inspect […]

Cisco PIX/ASA Restrict Foreign & RFC1918 IP Ranges

object-group network APNIC
 network-object 43.0.0.0 255.0.0.0
 network-object 58.0.0.0 254.0.0.0
 network-object 60.0.0.0 254.0.0.0
 network-object 114.0.0.0 254.0.0.0
 network-object 116.0.0.0 252.0.0.0
 network-object 120.0.0.0 252.0.0.0
 network-object 124.0.0.0 254.0.0.0
 network-object 126.0.0.0 255.0.0.0
 network-object 169.208.0.0 255.240.0.0
 network-object 202.0.0.0 254.0.0.0
 network-object 210.0.0.0 254.0.0.0
 network-object 218.0.0.0 254.0.0.0
 network-object 220.0.0.0 254.0.0.0
 network-object 222.0.0.0 254.0.0.0
object-group network AFRINIC
 network-object 41.0.0.0 255.0.0.0
 network-object 196.0.0.0 255.0.0.0
 network-object 168.142.0.0 255.255.0.0
object-group network LACNIC
 network-object 189.0.0.0 255.0.0.0
 network-object 190.0.0.0 255.0.0.0
 network-object 200.0.0.0 254.0.0.0
object-group network RIPE
 network-object 81.0.0.0 255.0.0.0
 network-object 91.0.0.0 255.0.0.0
object-group network […]

Cisco PIX ASA VPN integration Active Directory IAS

Using AD to authenticate VPN users via a PIX or ASA device:

aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host timeout 10
crypto map IPSEC client authentication RADIUS

Create a Client matching the inside IP of the PIX w/ the shared secret above. Modify the policy to match a security group. Events for IAS […]

Cisco ASA or PIX Packet Capture for Wireshark with PCAP

The administrator needs to create an access-list that defines what traffic the ASA needs to capture. After the access-list is defined, the capture command incorporates the access-list and applies it to an interface.

ciscoasa(config)#access-list inside_test permit icmp any host 192.168.1.1
ciscoasa(config)#access-list inside_test permit icmp host 192.168.1.1 any
ciscoasa(config)#capture inside_interface access-list inside_test interface inside

The user pings the inside interface of […]