Scribd
Upload
4 views11 pages

Config Asa Firewalls Report

Uploaded by

mikematu41
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views11 pages

Config Asa Firewalls Report

Uploaded by

mikematu41
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

MIKE MATU

CYBER SHUJAA
ASSIGNMENT
REPORT: CONFIGURING ASA FIREWALL
INTRODUCTION
This lab in Packet Tracer focuses on configuring and managing a network using a
Cisco ASA (Adaptive Security Appliance). The primary objectives include verifying
connectivity, exploring the ASA, and configuring its basic settings along with
interface security levels using the CLI. The lab involves setting up routing, address
translation, and inspection policies, as well as configuring DHCP, AAA
(Authentication, Authorization, and Accounting), and SSH for secure management.
Additionally, it covers the setup of a DMZ (Demilitarized Zone), Static NAT
(Network Address Translation), and ACLs (Access Control Lists). The scenario
simulates a company with a single location connected to an ISP through R1, an
ISP-managed CPE device, and R2, an intermediate Internet router. R3 connects an
external network management company to the ISP, enabling remote network
management. The ASA, positioned at the network's edge, links the internal
corporate network and DMZ to the ISP, providing essential NAT and DHCP services,
using the public IP address space 209.165.200.224/29 for address translation.
Part: Verifying connectivity and exploring the ASA.
Verifying that pc c can ping any router interface for R1
Checking connectivity to PC B

From the ping test we can determine that PC C cannot communicate tO PC B


Determining the ASA version, interfaces and license
This can be done using the version command

Step 3: Determining the file system and contents of the flash memory.
Showing the File system to determine which prefixes are supported.
Displaying the flash memory

Part 2: Configuring the ASA settings and interface security using the CLI
Step 1: Configuring the hostname and domain name.

And the domain name.

Step 2: Changing the privilege exec password

Step 3: Setting date and time

Step 4: Configuring the Inside and Outside interfaces.


a. Inside
b. Outside

c. Verifying configurations.

Step 5: Testing connectivity to the ASA.


Pinging the ASA inside interface from PC-B
Pinging the OUTSIDE interface of the ASA from PC-B.

This ping test should fail


Part 3: Configurations.
Step 1: Configuring a static default route for the ASA.

Verifying the static default route on the ASA addressing table.


Step 2: Configuring address translation using PAT and network objects.
a. Creating a network object and assigning it attributes.

b. Displaying the object configurations

c. Attempting to ping R1 int G0/0


The ping test should fail.
d. Translated and untranslated hits.

Part 4: Configuring DHCP, AAA and SSH


Step 1: Setting up the ASA as a server

Verifying that PC-B received an IP via DHCP.


Step 2: Configuring AAA to use the local database for authentication.
a. Defining a local user
b. Configuring AAA

Step 3: Configuring remote access to the ASA


a. RSA key pair

b. Configuring the ASA to allow SSH connections from any host.


c. Establishing an ssh session from PC-C to the ASA.

d. Establishing an ASA session from PC-B to the ASA.

Part 5: Configuring a DMZ, Static NAT and ACLs


Step 1: Configuring the DMZ interface VLAN 3 on the ASA.
a. Configuring the DMZ on VLAN 3
b. Verifying configurations.

Step 2: Configuring static NAT to the DMZ server using a network object

Step 3: Configuring the ACL to allow access to the DMZ server from the internet.

Step 4: Testing access to the DMZ server.


Conclusion
In conclusion, the lab effectively demonstrated the critical role of a Cisco ASA in
securing and managing a network. By configuring basic settings, interface security
levels, routing, address translation, and inspection policies, the lab provides
hands-on experience in network security management.
The lab also highlighted the importance of DHCP, AAA, and SSH in facilitating
secure and efficient network operations. The setup of a DMZ, Static NAT, and ACLs
further emphasized the ASA's capability to protect and segment network traffic,
ensuring robust security for internal and external communications.

Through this exercise, one is not only reinforced their understanding of ASA
configurations but also their ability to manage a complex network infrastructure
that supports both local and remote administration. This lab serves as a
foundational step towards mastering advanced network security concepts and
practical applications in real-world scenarios.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy