Category: Configuration Example
Configuration Example, Firewalling
PIX / ASA – Threat Detection
From software release 8.0 and later the Cisco PIX and Cisco ASA firewalls support the feature called Threat Detection. In the default configuration Basic Threat Detection is enabled on the security appliance. Using Threat Detection the appliance monitors the rate of dropped packets and security events due to these reasons (Source): Denial by access lists; … Read More
Configuration Example, Firewalling
PIX Failover not working
Today I received the question why a PIX failover configuration wasn’t working. The customer accidentally disconnected the power cable from the primary PIX firewall. The secondary PIX firewall became the active one, but multiple DMZ segments weren’t working anymore. After rebooting the PIX firewall and making that the primary one again, the DMZ segments were … Read More
Configuration Example, Security
MAC Authentication Bypass
NAC (for Cisco – Network Admission Control) or NAP (for Microsoft – Network Access Protection) in conjunction with 802.1x will be standard for authenticating network components and allowing them access to the network. At least in the future. Currently their aren’t a lot of companies how are using NAC in the network. Techworld released an … Read More
Configuration Example, Firewalling
Cisco IOS Authentication Proxy
Today I have been playing a little with my router at home. I was looking at different websites and stumbled on a Cisco website about Cisco IOS Firewall Authentication Proxy. So I thought by myself, lets give it a try. Cisco IOS Authentication Proxy is a feature with the following discription: “The Cisco IOS Firewall … Read More
Port-channel configuration for VMWare
I received some e-mails from people asking for configuration examples for Cisco switch in conjunction with VMWare servers. That is why I post the configuration (I normally use) beneath. This configuration enables a 802.1Q trunk connection between the switch and the VMWare server. This configuration requires the VMWare server to use VLAN tagging. The Port-channel … Read More
Configuration Example, Routing
BGP Multihoming
Today I have been playing with configuring BGP and multihoming. I configured a simple test environment where one customer router (local AS 100) connects to two ISP routers from the same ISP (remote AS 200). I configure some kind of load-sharing amongst the two links to the ISP. Important when configuring BGP is the concept … Read More