Firewalling, Security

Cisco ASA: DNS reply filtering

René Jorissen on August 28, 2009 7 Comments • Tags: #asa #cache #class #dns #drop #expression #filtering #inspect #inspection #map #policy-map #regex #regular #request #url

Today I was asked to block access to multiple websites and the only device capable of doing this was the firewall. This customer is using a Cisco ASA firewall, which supports basic URL filtering. This customer wanted to block HTTP and HTTPS websites. HTTPS websites use an SSL tunnel from the end device to the … Read More

Firewalling

Failed to establish VPN through PIX

René Jorissen on October 17, 2008 5 Comments • Tags: #1723 #305006 #47 #asa #creation #failed #firewall #for #gre #pix #pptp #protocol #regular #stateful #translation #vpn

We migrated our Internet connection lately and reconfigured our PIX firewall. We added some memory to install the latest firmware version (8.0(4)). After putting the PIX firewall in production, some of the employees were complaining they couldn’t establish any PPTP VPN tunnels to customers anymore. Every time someone called me, I tried it … Read More

Configuration Example, Firewalling

Secure Copy Server Cisco ASA

René Jorissen on September 16, 2008 1 Comment • Tags: #asa #asdm #copy #puttyscp #scopy #scp #secure #server #ssh

Lately there have been a lot of changes in the firmware and the ASDM for the Cisco ASA firewalls. This means a lot of copying of files to the flash memory of the specific appliances. Normally when upgrading the software on an appliance I use a computer on the customer network. This could be my own … Read More

Firewalling

Cisco Firewall Design and Deployment

René Jorissen on June 25, 2008 0 Comments • Tags: #access #active #asa #bridging #context #dynamic #fwsm #mixed #mode #multi-context #multicast #multiple #protocol #redundancy #redundant #remote #routed #routing #site-to-site #standby #transparant #virtualization #vpn

The session about firewall design and deployment didn’t reveal a lot of new things about the Cisco ASA appliance or FWSM module. The only new thing for me was the possibility to configure a redundant interface for a Cisco ASA appliance. The screenshot below shows the cabling scheme for an implementation with and without … Read More

Configuration Example, Firewalling

PIX / ASA – Threat Detection

René Jorissen on June 19, 2008 0 Comments • Tags: #80 #asa #basic #detection #intrusion #pix #prevention #scanning #threat

From software release 8.0 onward, the Cisco PIX and Cisco ASA firewalls support a feature called Threat Detection. In the default configuration, Basic Threat Detection is enabled on the security appliance. Using Threat Detection, the appliance monitors the rate of dropped packets and security events due to these reasons (Source): Denial by access lists; … Read More