CCNASv2 InstructorPPT CH9
CCNASv2 InstructorPPT CH9
CCNASv2 InstructorPPT CH9
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Upon completion of this section, you should be able to:
Compare ASA solutions to other routing firewall technologies.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Small Office and Branch Office ASA Models
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Internet Edge Models
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Enterprise Data Center Models
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
ASA Virtualization
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
High Availability
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Identity Firewall
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
ASA Threat Control
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Permitted Traffic
DeniedTraffic
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Routed Mode Transparent Mode
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Base License Specifics
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Security Plus License
Specifics
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
show version Command Output
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
ASA 5505 Back
Panel
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Security Level Control:
Network Access
Inspection Engines
Application Filtering
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
ASA Deployment in a Small Branch
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
ASA Deployment in an Enterprise
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
Upon completion of this section, you should be able to:
Explain what ASA firewall services are enabled using the default configuration.
Configure access control using the local database and AAA server.
Explain how the Cisco Modular Framework (MPF) is used to configure ASA policies.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Base License
Specifics
Security Plus
License Specifics
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
show version Command Output
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
ASA 5505 Default
Configuration Overview.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
Entering the ASA 5505 Setup Initialization Wizard
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
Entering Global Configuration Mode Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
ASA Basic Configuration Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Configuring Basic Settings
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
Local VLAN Interface
Commands
Configuring IP Addresses
on VLAN Interfaces
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Configuring VLAN Interfaces Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
Configuring Layer 2
Ports Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Verifying Interfaces
Example
Verifying IP
Addresses Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
Telnet Configuration Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
SSH Configuration Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
NTP Authentication Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
DHCP Server Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
Network Object Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Service Object Options Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Common Service Object Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Network Object Group
Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Services Object Group Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Services Object Group Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
ASA ACL and IOS ACL
Similarities
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
Higher Levels Allowed
To Lower Levels
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Extended ACL Examples
Standard ACL
Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
ACL Command Parameters
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Condensed Extended ACL Syntax
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
ASA ACL Elements
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
access-group Command Syntax
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
ACL Reference Topology
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Extended ACL
Configuration
Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Condensed Extended ACL Syntax with Object Groups
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
ACL and Object
Group
Configuration
Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Types of NAT Deployments:
Inside NAT
Outside NAT
Bidirectional NAT
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Dynamic NAT Reference Topology
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Dynamic NAT Configuration
Example
Enable Return
Traffic Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
Dynamic PAT Configuration Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
Configure the DMZ
Interface Example
Static NAT
Configuration
Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
Verifying the Static NAT Configuration Example
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
RADIUS and TACACS+ Server Commands
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
Implementing Modular Policy Framework
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
Default Service Policy Configuration
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
Chapter Objectives:
Explain how the ASA operates as an advanced stateful firewall.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
Thank you.
Remember, there are
helpful tutorials and user
guides available via your
NetSpace home page. 1
(https://www.netacad.com) 2
These resources cover a
variety of topics including
navigation, assessments,
and assignments.
A screenshot has been
provided here highlighting
the tutorials related to
activating exams, managing
assessments, and creating
quizzes.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 80