CLIENTLESS SSL VPN ON CISCO ASAA
|
|
- Linette Conley
- 5 years ago
- Views:
Transcription
1 CLIENTLESS SSL VPN ON CISCO ASAA CERTVIDEOS-ASA CONFIGURATION CERTVIDEOS-ASA# show run : Saved : ASA Version 8.4(2) hostname CERTVIDEOS-ASA enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted names interface GigabitEthernet0 nameif outside security-level 0 ip address interface GigabitEthernet1 nameif inside
2 security-level 100 ip address interface GigabitEthernet2 interface GigabitEthernet3 interface GigabitEthernet4 interface GigabitEthernet5 ftp mode passive dns domain-lookup outside dns domain-lookup inside access-list inside-in extended permit ip any any access-list outside-in extended permit tcp any host eq www access-list outside-in extended deny ip any any access-list Tunnel-192 standard permit access-list internal-acl webtype permit url ftp:// log default access-list internal-acl webtype permit url log default access-list internal-acl webtype permit url rdp:// log default access-list internal-acl webtype deny url any log default pager lines 24 logging enable logging timestamp logging host outside logging permit-hostdown mtu outside 1500 mtu inside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-647.bin
3 no asdm history enable arp timeout access-group outside-in in interface outside access-group inside-in in interface inside route inside timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable 8443 http outside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ca trustpoint CA enrollment url keypair CERT-KEYS crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=CERTVIDEOS-ASA keypair SSL-KEYS crl configure crypto ca certificate chain CA certificate ca b a d0609 2a f70d e f732e63 6f6d301e 170d a17 0d a e f 732e636f 6d30819f 300d0609 2a f70d d b48 bb2c7c1a e114450b 189a6192 aab0ee69 95e99bbf f63b39e4 5edd5be2 47ad534a c a47778de 09573b2f 1fd18433 bac9c ea5 e82ac2e6 79e1f370 2a6551a3 63aba5ca e510f660 3fa ca90049 c0c78dad 82d6a9d5 3ee91a99 df819d44 1aa127b4 3e7c8354 ccb60d65 412b7eb1 e94b f4602 5b4d a f d ff ff 300e d0f01 01ff f d e37574 aa0195e4 2f060e97 3c956ec3 5ab7091f 01301d d0e e37574aa 0195e42f 060e973c 956ec35a b7091f01 300d0609 2a f70d d470b 958dc1fc 53d24b9b 2d2cf9ed f34e9bda c4f2195a bf c18772fa ff 508ea06d 100ba11e 1fcc4291 ee8a08bc 29fa31e6 d557768f ede08a54 4e667ed3 948bb b4c c d51cf517 b2b9e143 a6c6f a4e7a c7 8a74b06b 0f393e27 6ec0df81 36e6f172 be7677f3 de66335d 61701c quit
4 crypto ca certificate chain ASDM_TrustPoint0 certificate 5bc96d e a b c96d5330 0d06092a f7 0d e f 532d d30 1b06092a f7 0d e f53 2d e170d a170d a e f532d d301b06 092a f70d e f532d f300d06 092a f70d d c d7 e303141a adb8daa0 523f7bba ac a3dfb9d5 7b157e3d d604e4d1 e320bd74 c3c3dbd b c673e356 b55be32f d787c8d3 38ac43bc e612fc9e 0b4a3d64 e1709a7f 113c2a7c 8ac4dfcb e1b72e71 e9b1602a ab21fb1c fc4dbccb 243e7136 1cad1cb6 9db162a7 4fe cf61877 e bcbaa8 df d0609 2a f70d aefe6da5 5acf7be7 079e6cf8 7b1e427f 6ce2cc a9c f7 8ccf1e9d 3e3579cc a32c748b daa28c fe4dfefc 276a f6137f ec35945c 9b866a25 41b23c93 6ba883ba fcf09b51 72cc0bc4 cbe7f63f 65c7a8af 5b b7554f a9b309ba 546fb b c5fb3 fda799ea cc98949f 562c4a quit crypto ikev2 remote-access trustpoint CA telnet timeout 5 ssh timeout 5 console timeout 0 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point CA outside webvpn enable outside csd image disk0:/csd_ k9.pkg port-forward telnet-port-forward telnet Telnet port-forward rdp rdp tunnel-group-list enable cache cache-static-content enable group-policy Certvideos-policy internal group-policy Certvideos-policy attributes banner value This is the certvideos group policy vpn-tunnel-protocol ssl-clientless webvpn url-list value Certvideos-Bookmarks filter value internal-acl username certvideos-user password xj9yifab0tsoovpg encrypted username certvideos-user attributes service-type remote-access username vpn-user password 8NHmONCo.zug0eVf encrypted username vpn-user attributes service-type remote-access
5 username shyam password KqFsdwZ5V/MffXFG encrypted privilege 15 tunnel-group Certvideos type remote-access tunnel-group Certvideos general-attributes default-group-policy Certvideos-policy tunnel-group Certvideos webvpn-attributes group-alias Certvideos-alias enable group-url enable prompt hostname context no call-home reporting anonymous call-home profile CiscoTAC-1 no active destination address http destination address destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily crashinfo save disable Cryptochecksum:01e302b0336eea852328af672c823ca1 : end CERTVIDEOS-ASA# CERTVIDEOS-ASA CONFIGURATION CERTVIDEOS-CA#show run Building configuration... Current configuration : 2357 bytes No configuration change since last restart version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption hostname CERTVIDEOS-CA
6 boot-start-marker boot-end-marker no aaa new-model memory-size iomem 5 ip cef no ip domain lookup multilink bundle-name authenticated crypto pki server CA database level complete issuer-name CN=certvideos.com grant auto hash sha1 lifetime ca-certificate 365 crypto pki trustpoint CA revocation-check crl rsakeypair CERT-KEYS crypto pki certificate chain CA certificate ca B A D0609 2A F70D E F732E63 6F6D301E 170D A17 0D A E F 732E636F 6D30819F 300D0609 2A F70D D E4FD 83600EB1 8CF57F54 2F6084A1 B25C2C08 669ED4CA DD 6DEB816B 121D056E D6AE0EC8 3F0C23AB AA21D7D9 823B3050 FACE1D08 DD5B477E 32D065EA 26F9C73E B11D26E2 B6A6622D CF21E54E CD025DD1 92A C1BE75 694CE343 5AACC9CF B B C5F36C 2C15E556 84A3AE35 739CAA0B EE5B A F D FF FF 300E D0F01 01FF F D F867A 918C8D31 F2D9D580 DE85E197 0F49B5A1 E6301D D0E F867A91 8C8D31F2 D9D580DE 85E1970F 49B5A1E6 300D0609 2A F70D F 54527BA2 7543A54C D70BE64A FA5B54F6 9E F05A1630 B68BF FAD6F 898E94F4 0FE980EE 01AA1891 3BB1DD86 5FAD28E CB9BCAF CC AC07E B84D7C33 B3D4D0FA 62DF0B2D 1F826DB5 3D5E BEA E5A73BBB CB62F08A 6D92C9E2 8AC8F D2C0 C90EFD03 F4A1E3 quit
7 archive log config hidekeys interface FastEthernet0/0 ip address duplex auto speed auto interface FastEthernet0/1 ip address duplex auto speed auto ip forward-protocol nd ip route ip http server no ip http secure-server control-plane line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login end CERTVIDEOS-CA#
Orbit Corporation CISCO ASA LAN Based Active / Standby Failover. Waqas
Orbit Corporation CISCO ASA - 5520 LAN Based Active / Standby Failover Waqas 13 Cisco ASA LAN Based Active / Standby Failover Configuration Primary ASA Cli Configuration Changes Highlighted in Yellow for
More informationDownloaded from: justpaste.it/i2os
: Saved : ASA Version 9.1(2) hostname ciscoasa enable password xxx encrypted names ip local pool poolvpn 192.168.20.10-192.168.20.30 mask 255.255.255.0 interface GigabitEthernet0/0 nameif inside security-level
More informationASA with WebVPN and Single Sign-on using ASDM and NTLMv1 Configuration Example
ASA with WebVPN and Single Sign-on using ASDM and NTLMv1 Configuration Example Contents Introduction Prerequisites Requirements Components Used Conventions Configure Add an AAA Server for Windows Domain
More informationVirtual private network setup
Virtual private network setup This chapter provides information about virtual private network setup. Virtual private network, page 1 Devices supporting VPN, page 2 Set up VPN feature, page 2 Complete IOS
More informationVirtual Private Network Setup
This chapter provides information about virtual private network setup. Virtual Private Network, page 1 Devices Supporting VPN, page 2 Set Up VPN Feature, page 2 Complete Cisco IOS Prerequisites, page 3
More informationNATIONAL_WATER_CONSERVATION#sh run Building configuration...
NATIONAL_WATER_CONSERVATION#sh run Building configuration... Current configuration : 6390 bytes Last configuration change at 13:01:34 UTC Tue Jul 4 2017 by kembo version 15.4 service timestamps debug datetime
More information: Saved : : Serial Number: JMX1813Z0GJ : Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz : Written by enable_15 at 09:21: UTC Thu Dec !
: Saved : : Serial Number: JMX1813Z0GJ : Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz : Written by enable_15 at 09:21:59.078 UTC Thu Dec 17 2015 ASA Version 9.2(2)4 hostname ciscoasa enable password
More informationConfigure the ASA for Dual Internal Networks
Configure the ASA for Dual Internal Networks Document ID: 119195 Contributed by Dinkar Sharma, Bratin Saha, and Prashant Joshi, Cisco TAC Engineers. Aug 05, 2015 Contents Introduction Prerequisites Requirements
More informationPhysical Topology. Logical Topology
Physical Topology Logical Topology Please, note that the configurations given below can certainly be clean-up and tuned. Some commands are still embedded for testing purposes. Note also that the text highlighted
More informationBẮT 10 GIAO THỨC (SNMP, HTTP, HTTPS, NETMEETING, NTP, TELNET, SSH, H323, SIP, DOMAIN )
SƠ ĐỒ MẠNG VISIO SƠ ĐỒ GNS3 BẮT 10 GIAO THỨC (SNMP, HTTP, HTTPS, NETMEETING, NTP, TELNET, SSH, H323, SIP, DOMAIN ) PING TẠO RA LƯU LƯỢNG SAU KHI CẤM PING FILE CẤU HÌNH CÁC ROUTER ROUTER SAIGON Last configuration
More informationASA Version 7.2(4)30! hostname vpn domain-name hollywood.com enable password BO5OGdtIUElAVJc7 encrypted passwd BO5OGdtIUElAVJc7 encrypted names name
ASA Version 7.2(4)30 hostname vpn domain-name hollywood.com enable password BO5OGdtIUElAVJc7 encrypted passwd BO5OGdtIUElAVJc7 encrypted names name 172.30.232.128 XL description XL / idot name 172.28.28.0
More informationco Configuring PIX to Router Dynamic to Static IPSec with
co Configuring PIX to Router Dynamic to Static IPSec with Table of Contents Configuring PIX to Router Dynamic to Static IPSec with NAT...1 Introduction...1 Configure...1 Components Used...1 Network Diagram...1
More informationSSL VPN Configuration of a Cisco ASA 8.0
Published on Jisc community (https://community.jisc.ac.uk) Home > Advisory services > Multi-site Connectivity Advisory Service > Technical guides > Secure Virtual Private Networks > SSL VPN Configuration
More informationFirewalling Avid ISIS in a Cisco environment
Firewalling Avid ISIS in a Cisco environment Interoperability testing between Cisco ASA and ISIS results Francesca Martucci Consulting System Engineer for Security - Cisco David Shephard - Senior Network
More informationIPSec tunnel for ER75i routers application guide
IPSec tunnel for ER75i routers application guide 1 Contents 1. Generally...3 2. IPSec limitation...3 3. Example of use IPSec tunnel Client side at ER75i...4 3.1. IPSec tunnel client side at ER75i...4 3.1.1.
More informationBasic Router Configuration using SDM
Basic Router Configuration using SDM Document ID: 71305 Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Interface Configuration NAT Configuration Routing Configuration
More informationTable of Contents. Cisco IPSec Tunnel through a PIX Firewall (Version 7.0) with NAT Configuration Example
Table of Contents IPSec Tunnel through a PIX Firewall (Version 7.0) with NAT Configuration Example...1 Document ID: 63881...1 Introduction...1 Prerequisites...2 Requirements...2 Components Used...2 Conventions...2
More informationASA/PIX: Remote VPN Server with Inbound NAT for VPN Client Traffic with CLI and ASDM Configuration Example
ASA/PIX: Remote VPN Server with Inbound NAT for VPN Client Traffic with CLI and ASDM Configuration Example Contents Introduction Prerequisites Requirements Components Used Related Products Conventions
More informationPIX/ASA 7.x ASDM: Restrict the Network Access of Remote Access VPN Users
PIX/ASA 7.x ASDM: Restrict the Network Access of Remote Access VPN Users Document ID: 69308 Contents Introduction Prerequisites Requirements Components Used Related Products Network Diagram Conventions
More informationPIX/ASA as a DHCP Server and Client Configuration Example
PIX/ASA as a DHCP Server and Client Configuration Example Document ID: 70391 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Configure DHCP Server Configuration
More informationNAC Appliance (Cisco Clean Access) In Band Virtual Gateway for Remote Access VPN Configuration Example
NAC Appliance (Cisco Clean Access) In Band Virtual Gateway for Remote Access VPN Configuration Example Document ID: 71573 Contents Introduction Prerequisites Requirements Components Used Network Diagram
More informationThis document is intended to give guidance on how to read log entries from a Cisco PIX / ASA. The specific model in this case was a PIX 501.
1.0 Overview This document is intended to give guidance on how to read log entries from a Cisco PIX / ASA. The specific model in this case was a PIX 501. 2.0 PIX Config The following is the PIX config
More informationRSA SecurID Authentication for AnyConnect Clients on a Cisco IOS Headend Configuration Example
RSA SecurID Authentication for AnyConnect Clients on a Cisco IOS Headend Configuration Example Document ID: 118778 Contributed by Atri Basu, Cisco TAC Engineer, and Vasavi Yellampalli, Cisco Engineering.
More informationCisco Meraki EMM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series
Cisco Meraki EMM Integration with Cisco Identity Service Engine Secure Access How -To Guides Series Author: Imran Bashir Date: March 2015 Table of Contents Mobile Device Management (MDM)... 3 Overview...
More informationVPN Between Sonicwall Products and Cisco Security Appliance Configuration Example
VPN Between Sonicwall Products and Cisco Security Appliance Configuration Example Document ID: 66171 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Configure
More informationLab Configuring Dynamic and Static NAT (Solution)
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway Gateway G0/1 192.168.1.1 255.255.255.0 N/A S0/0/1 209.165.201.18 255.255.255.252 N/A ISP S0/0/0 (DCE)
More informationLab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationAdvanced IPv6 Training Course. Lab Manual. v1.3 Page 1
Advanced IPv6 Training Course Lab Manual v1.3 Page 1 Network Diagram AS66 AS99 10.X.0.1/30 2001:ffXX:0:01::a/127 E0/0 R 1 E1/0 172.X.255.1 2001:ffXX::1/128 172.16.0.X/24 2001:ff69::X/64 E0/1 10.X.0.5/30
More informationASA 7.2(2): SSL VPN Client (SVC) for Public Internet VPN on a Stick Configuration Example
ASA 7.2(2): SSL VPN Client (SVC) for Public Internet VPN on a Stick Configuration Example Document ID: 100894 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information
More informationPIX/ASA 7.x and Later : Easy VPN with Split Tunneling ASA 5500 as the Server and Cisco 871 as the Easy VPN Remote Configuration Example
PIX/ASA 7.x and Later : Easy VPN with Split Tunneling ASA 5500 as the Server and Cisco 871 as the Easy VPN Remote Configuration Example Document ID: 68815 Contents Introduction Prerequisites Requirements
More informationContents. Introduction. Prerequisites Components Used. Introduction. Prerequisites Components Used
Contents Introduction Prerequisites Components Used Install Cisco Configuration Professional Router Configuration to Run Cisco CP Requirements Conventions Configure Network Diagram Interface Configuration
More informationChapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM
Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM This lab has been updated for use on NETLAB+ Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces.
More informationASA/PIX 8.x: Radius Authorization (ACS 4.x) for VPN Access using Downloadable ACL with CLI and ASDM Configuration Example
ASA/PIX 8.x: Radius Authorization (ACS 4.x) for VPN Access using Downloadable ACL with CLI and ASDM Configuration Example Contents Introduction Prerequisites Requirements Components Used Related Products
More informationCIS-331 Fall 2014 Exam 1 Name: Total of 109 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. Router A Router B Router C Router D Network Next Hop Next Hop Next Hop Next
More informationSSG Configuration Example
APPENDIX A Example A-1 is a sample SSG configuration for the Cisco 10000 series router based on the topology in Figure A-1. The configuration includes AAA, PPP, SSG, and RADIUS. The SSG configuration enables
More informationTable of Contents. Cisco PIX/ASA 7.x Enhanced Spoke to Spoke VPN Configuration Example
Table of Contents PIX/ASA 7.x Enhanced Spoke to Spoke VPN Configuration Example...1 Document ID: 64692...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...1 Conventions...2 Configure...2
More informationChapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM
Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces. 2016 Cisco and/or its affiliates. All
More informationCONFIGURATION DU SWITCH
Current configuration : 2037 bytes version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption hostname Switch no aaa new-model ip subnet-zero
More informationCIS-331 Spring 2016 Exam 1 Name: Total of 109 Points Version 1
Version 1 Instructions Write your name on the exam paper. Write your name and version number on the top of the yellow paper. Answer Question 1 on the exam paper. Answer Questions 2-4 on the yellow paper.
More informationLab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationTable of Contents. Cisco Enhanced Spoke to Client VPN Configuration Example for PIX Security Appliance Version 7.0
Table of Contents Enhanced Spoke to Client VPN Configuration Example for PIX Security Appliance Version 7.0...1 Document ID: 64693...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...1
More informationCIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. NOTE: Router E should only be used for Internet traffic. Router A Router
More informationLab Configuring Basic RIPv2 (Solution)
(Solution) Topology 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 15 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway
More informationLab Configuring Port Address Translation (PAT) (Instructor Version)
(Instructor Version) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Topology Addressing Table Objectives Device Interface IP Address Subnet Mask
More informationChapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM
Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet interfaces. 2015 Cisco and/or its affiliates. All rights
More informationLab Configuring Switch Security Features (Solution) Topology
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 172.16.99.1 255.255.255.0 N/A S1 VLAN 99 172.16.99.11 255.255.255.0 172.16.99.1 PC-A NIC
More informationLab Designing and Implementing a VLSM Addressing Scheme. Topology. Objectives. Background / Scenario
CSNB214 Packet Tracer Lab Designing and Implementing a VLSM Addressing Scheme Topology Objectives Part 1: Examine Network Requirements Part 2: Design the VLSM Address Scheme Part 3: Cable and Configure
More informationWorkgroup Bridges with PEAP Authentication Configuration Example
Workgroup Bridges with PEAP Authentication Configuration Example Document ID: 115736 Contributed by Surendra BG, Jeal Jimenez, and Carlos Leiton, Cisco TAC Engineers. Jan 14, 2013 Contents Introduction
More informationCIS-331 Exam 2 Spring 2016 Total of 110 Points Version 1
Version 1 1. (20 Points) Given the class A network address 121.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 8,100 subnets? b. (5 Points) What is
More informationConfigure AnyConnect Secure Mobility Client using One-Time Password (OTP) for Twofactor Authentication on an ASA
Configure AnyConnect Secure Mobility Client using One-Time Password (OTP) for Twofactor Authentication on an ASA Contents Introduction Prerequisites Requirements Components Used Background Information
More informationLab Troubleshooting IPv4 and IPv6 Static Routes (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationConfiguring the PIX Firewall and VPN Clients Using PPTP, MPPE and IPSec
Configuring the PIX Firewall and VPN Clients Using PPTP, MPPE and IPSec Document ID: 14095 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations
More informationExternal Web Authentication on Converged Access
External Web Authentication on Converged Access The configuration procedure for the External Web Authentication on Converged Access is similar to the configuration procedure of Local Web Authentication
More informationSample Business Ready Branch Configuration Listings
APPENDIX A Sample Business Ready Branch Configuration Listings The following is a sample configuration of a Business Ready Branch. There are many permutations of feature combinations when setting up the
More informationCIS-331 Exam 2 Fall 2015 Total of 105 Points Version 1
Version 1 1. (20 Points) Given the class A network address 117.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 4,000 subnets? b. (5 Points) What is
More informationCisco Passguide Exam Questions & Answers
Cisco Passguide 642-648 Exam Questions & Answers Number: 642-648 Passing Score: 800 Time Limit: 120 min File Version: 61.8 http://www.gratisexam.com/ Cisco 642-648 Exam Questions & Answers Exam Name: Deploying
More informationLab 8.5.2: Troubleshooting Enterprise Networks 2
Lab 8.5.2: Troubleshooting Enterprise Networks 2 Topology Diagram Addressing Table Device Interface IP Address Subnet Mask Default Gateway Fa0/0 192.168.10.1 255.255.255.0 N/A R1 Fa0/1 192.168.11.1 255.255.255.0
More informationThe cache is 4-way set associative, with 4-byte blocks, and 16 total lines
Sample Problem 1 Assume the following memory setup: Virtual addresses are 20 bits wide Physical addresses are 15 bits wide The page size if 1KB (2 10 bytes) The TLB is 2-way set associative, with 8 total
More informationL2TP IPsec Support for NAT and PAT Windows Clients
L2TP IPsec Support for NAT and PAT Windows Clients The L2TP IPsec Support for NAT and PAT Windows Clients feature allows mulitple Windows client to connect to an IPsec-enabled Cisco IOS Layer 2 Tunneling
More informationCisco Virtual Office: Easy VPN Deployment Guide
Cisco Virtual Office: Easy VPN Deployment Guide This guide provides detailed design and implementation information for deployment of Easy VPN in client mode with the Cisco Virtual Office. Please refer
More informationshun through sysopt radius ignore-secret Commands
CHAPTER 30 shun through sysopt radius ignore-secret Commands 30-1 shun Chapter 30 shun To block connections from an attacking host, use the shun command in privileged EXEC mode. To disable a shun, use
More informationFWSM: Multiple Context Configuration Example
FWSM: Multiple Context Configuration Example Document ID: 107524 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Context Configuration Files Unsupported
More informationLab 8: Firewalls ASA Firewall Device
Lab 8: Firewalls ASA Firewall Device 8.1 Details Aim: Rich Macfarlane 2015 The aim of this lab is to investigate a Cisco ASA Firewall Device, its default traffic flows, its stateful firewalling functionality,
More informationDocument ID: Contents. Introduction. Prerequisites. Requirements. Introduction. Prerequisites Requirements
Products & Services ASA/PIX 7.x: Redundant or Backup ISP Links Configuration Example Document ID: 70559 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Background
More informationSecure ACS Database Replication Configuration Example
Secure ACS Database Replication Configuration Example Document ID: 71320 Introduction Prerequisites Requirements Components Used Related Products Conventions Background Information Scenario I Scenario
More information4. Specifications and Additional Information
4. Specifications and Additional Information AGX52004-1.0 8B/10B Code This section provides information about the data and control codes for Arria GX devices. Code Notation The 8B/10B data and control
More informationNote that you can also use the password command but the secret command gives you a better encryption algorithm.
Router Device Security Lab Configuring Secure Passwords 1. Configure the enable secret and password enable password TRUSTME enable secret letmein Look at the configuration: show config terminal Note the
More informationVPN Connection through Zone based Firewall Router Configuration Example
VPN Connection through Zone based Firewall Router Configuration Example Document ID: 112051 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Configure
More informationHow to configure MB5000 Serial Port Bridge mode
How to configure MB5000 Serial Port Bridge mode MB5000 has a configurable serial port. With this serial port, MB5000 can be used as DCE device to be connected with Cisco router s console port so that MB5000
More informationLoading Internet Protocol Security (IPSec) (CDR-882/780/790/990 Cellular Router)
Loading Internet Protocol Security (IPSec) (CDR-882/780/790/990 Cellular Router) Call Direct Document version 1.4 Last updated 17 December, 2010 support@call-direct.com.au Loading IPSec To support IPSec
More informationCIS-331 Exam 2 Fall 2014 Total of 105 Points. Version 1
Version 1 1. (20 Points) Given the class A network address 119.0.0.0 will be divided into a maximum of 15,900 subnets. a. (5 Points) How many bits will be necessary to address the 15,900 subnets? b. (5
More informationConfiguration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example
Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example Document ID: 113337 Contents Introduction Prerequisites Requirements Components Used Conventions Configuration
More informationDesign and Implementation Plan for Network Based on the ALOHA Point of Sale System. Proposed by Jedadiah Casey. Introduction
Design and Implementation Plan for Network Based on the ALOHA Point of Sale System Proposed by Jedadiah Casey Introduction The goal of this design document is to provide a framework of suggested implementation
More informationConfiguring EtherChannel
L4 Configuring EtherChannel Global Knowledge Training LLC L4-1 Objectives In this lab you will first verify that one of the parallel connections to the core switch is blocked by STP. You will then configure
More informationLab 9: VPNs IPSec Remote Access VPN
Lab 9: VPNs IPSec Remote Access VPN Rich Macfarlane 2015 Aim: Details The aim of this lab is to introduce Virtual Private Network (VPN) concepts, using an IPSec remote access VPN between a remote users
More informationFundamentals of Network Security v1.1 Scope and Sequence
Fundamentals of Network Security v1.1 Scope and Sequence Last Updated: September 9, 2003 This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document
More informationQuick Note. Configure an IPSec VPN tunnel in Aggressive mode between a TransPort LR router and a Cisco router. Digi Technical Support 7 October 2016
Quick Note Configure an IPSec VPN tunnel in Aggressive mode between a TransPort LR router and a Cisco router. Digi Technical Support 7 October 2016 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions...
More informationConfigure IOS-XE to display full show running-config for users with low Privilege Levels
Configure IOS-XE to display full show running-config for users with low Privilege Levels Contents Introduction Prerequisites Requirements Components Used Configuration Problem Configuration Solution and
More informationConfiguring Certificate Enrollment for a PKI
Configuring Certificate Enrollment for a PKI First Published: May 2, 2005 Last Updated: July 31, 2009 Certificate enrollment, which is the process of obtaining a certificate from a certification authority
More informationConfigure ASA as the SSL Gateway for AnyConnect Clients using Multiple-Certificate Based Authentication
Configure ASA as the SSL Gateway for AnyConnect Clients using Multiple-Certificate Based Authentication Contents Introduction Prerequisites Requirements Components Used Background Information Limitations
More informationConfiguration Examples
CHAPTER 4 Before using this chapter, be sure that you have planned your site s security policy, as described in Chapter 1, Introduction, and configured the PIX Firewall, as described in Chapter 2, Configuring
More informationIOS Router : Easy VPN (EzVPN) in Network Extension Mode (NEM) with Split tunnelling Configuration Example
IOS Router : Easy VPN (EzVPN) in Network Extension Mode (NEM) with Split tunnelling Configuration Example Document ID: 63098 Contents Introduction Prerequisites Requirements Components Used Conventions
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 642-618 EXAM QUESTIONS & ANSWERS Number: 642-618 Passing Score: 800 Time Limit: 120 min File Version: 39.6 http://www.gratisexam.com/ CISCO 642-618 EXAM QUESTIONS & ANSWERS Exam Name: Deploying Cisco
More informationCisco Small Business Pro. Technical Enablement Labs
Cisco Small Business Pro Smart Business Communication System Technical Enablement Labs Lab 15 Cisco SR 520-T1 Secure Router (can be head end Security Router for a UC 500) INTRODUCTION... 3 PREPARING FOR
More informationExperiments in musical similarity.
Experiments in musical similarity hamish.allan@gold.ac.uk What is musical similarity? Melodic Rhythmic Harmonic Timbral What is musical similarity? Chronological Artist Lyrical Cultural What is musical
More informationLab - Configuring Basic DHCPv4 on a Router (Solution)
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/0 192.168.0.1 255.255.255.0 N/A G0/1 192.168.1.1 255.255.255.0 N/A S0/0/0 (DCE) 192.168.2.253
More informationIEEE 802.1Q Tunneling (QnQ) and L2PT on L2 Ports
Revised: November 11, 2011, OL-20468-01 First Published: November 11, 2011 Last Updated: November 11, 2011 This feature provides Layer 2 Tunneling support for QnQ and Layer 2 Protocol Tunneling (L2PT)
More informationChapter 10 - Configure ASA Basic Settings and Firewall using ASDM
Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM This lab has been updated for use on NETLAB+ Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet interfaces.
More informationTriple DES and AES 192/256 Implementation Notes
Triple DES and AES 192/256 Implementation Notes Sample Password-to-Key and KeyChange results of Triple DES and AES 192/256 implementation For InterWorking Labs customers who require detailed information
More informationPermitting PPTP Connections Through the PIX/ASA
Permitting PPTP Connections Through the PIX/ASA Contents Introduction Prerequisites Requirements Components Used Background Theory Conventions PPTP with the Client Inside and the Server Outside Network
More informationI N D E X. Numerics. 3DES (triple Data Encryption Standard), 199
I N D E X Numerics A 3DES (triple Data Encryption Standard), 199 AAA (Authentication, Authorization, and Accounting), 111 114, 236 configuring, 114, 144 145 CSACS, 116 122 floodguard, 168 169 servers,
More informationDeployment of Cisco IP Mobility Solution on Enterprise Class Teleworker Network
Deployment Guide Deployment of Cisco IP Mobility Solution on Enterprise Class Teleworker Network The Cisco Service Oriented Network Architecture (SONA) framework helps enterprise customers evolve their
More informationTroubleshooting VLANs and Trunks
L2 Troubleshooting VLANs and Trunks Global Knowledge Training LLC L2-1 Objectives In this lab you will download configuration files into PxSW s running configuration to introduce VLAN and trunking issues
More informationConfiguring PKI CHAPTER
CHAPTER 9 This chapter provides information about configuring PKI-related features using the VSPA on the Catalyst 6500 Series switch. It includes the following sections: Overview of PKI, page 9-2 Understanding
More informationCISCO SWITCH BEST PRACTICES GUIDE
CISCO SWITCH BEST PRACTICES GUIDE Table of Contents (After Clicking Link Hit HOME to Return to TOC) 1) Add Hostname... 2 2) Add Username and Password... 2 3) Create Secret Password... 2 4) Encrypt Password...
More informationConfiguring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall
Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall Document ID: 43068 Contents Introduction Prerequisites Requirements Components Used Conventions Configure
More informationFirewall Authentication Proxy for FTP and Telnet Sessions
Firewall Authentication Proxy for FTP and Telnet Sessions Last Updated: January 18, 2012 Before the introduction of the Firewall Authentication Proxy for FTP and Telnet Sessions feature, users could enable
More informationExam Name: Implementing Cisco Edge Network Security Solutions
Vendor: Cisco Exam Code: 300-206 Exam Name: Implementing Cisco Edge Network Security Solutions Version: Demo QUESTION 1 The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three
More informationLab Configuring 802.1Q Trunk-Based Inter-VLAN Routing (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationASACAMP - ASA Lab Camp (5316)
ASACAMP - ASA Lab Camp (5316) Price: $4,595 Cisco Course v1.0 Cisco Security Appliance Software v8.0 Based on our enhanced FIREWALL and VPN courses, this exclusive, lab-based course is designed to provide
More information