Tag: firewall

Port Forwarding on the ASA/FWSM/PIX

Here’s a simple one since I haven’t updated in a while. I have my ASA 5505 at home and want to forward TCP/80 traffic to my public IP to my webserver at 10.10.10.10. There are two steps here — forward…

Getting Started with the FWSM

Have I talked about the Cisco Firewall Services Module (FWSM) before? It’s a firewall on a module for the 6500 and is based on the PIX firewall. The term “based on” is important here, since it does a lot of…

ASA + HSRP/VRRP/GLBP = undef

I use Google Analytics to track the 2 or 3 hits I get a day, and sometimes I see some interesting search terms. Yesterday, some googled up the term “does the ASA 5505 run HSRP”; I think that deserves a…

DHCP on the ASA 5505

Let’s keep going with our example setup on the ASA 5505 and set up DHCP on this guy. You can set it up to either forward (relay) DHCP requests to a DHCP server somewhere or have it be the DHCP…

Setting Up VLANs on an ASA 5505

I’ve had my ASA 5505 in place at home on my Comcast cable for a few weeks now, and, let me tell you, this thing rocks. I did, however, have a few problems finding a clear answer on how I…

Default Route via DHCP on an ASA 5505

I finally got my ASA 5505 up and running at the house, but I ran into a little problem — the box wouldn’t add the DHCP-provided default route into its routing table.  That one threw me for a loop since…

NAT on a PIX/ASA

NATting sucks and can be confusing. I’m sure everyone agrees to that, but you have to use it at some times. In a PIX/ASA, it’s easy to configure a simple setup, but can be super-complicated in larger networks. In a…

Commenting Access-lists

There’s a very-overlooked feature of access-lists — the remark. Yes, this is very basic, but it’s worth mentioning, as it has saved me anguish time and time again. I use remarks to document each line of an ACL (on IOS,…

Can’t Login to Your ASA via SSH or Telnet?

I deployed a Cisco ASA at a location and couldn’t get logged in via SSH. I would get prompted, but, no matter what username/password I put in, it would just reject me. After some digging, it turns out that I…