How to Configure Access Control Lists (ACL) | Cisco ASA Firewalls


Configuring Access Control Lists (ACL) | Cisco ASA Firewalls


Here is the live config and explanation of Access Control Lists (ACL) and Access Control Entries (ACE) on Cisco ASA. A follow-up video will consider NAT.

We’re approaching this by using a lab, built in VIRL. There are three network areas: the inside, the DMZ, and the internet. If you’re a Patreon supporter you can download this lab in VIRL, GNS3, or just the config files (link below).

We’re focusing on the command line, as that’s what you appear to be interested in. But don’t be afraid of the ASDM. It is also a useful tool.
In addition, we’ll talk about the ACL types: Standard (for matching traffic) and Extended (to permit or deny traffic), as well as the more obscure EtherType and WebType.
Through this video, we’re going to enable ping everywhere, enable internal traceroute while blocking external traceroute, see rules with IP addresses and ports, see DNS lookups, configure FQDN ACLs, and discuss timebomb rules.
We’ll also take a look at using Packet Tracer to simulate traffic through our rules. I hope you enjoy the video!

In the next video, we’re taking the next step by adding NAT.


Overview of this video:
0:21 Lab Setup
3:09 ACLs and ACEs
14:31 IPs and Ports
20:29 DNS
22:25 FQDNs and Time
25:52 Packet Tracer

