Cisco ASA
Course Overview
Introduction
- Introduction
- Q&A, Messages & Feedback
Understanding VPNs
- What are VPNs?
- VPN Technologies and Protocols
Lab Setup
- Install GNS3 in windows
- Add Cisco Dynamips Routers and Switches in GNS3
- Install VMWare Workstation Pro
- VMware Workstation Adaptor Settings
- GNS3 VM Installation on VMware Workstation & Virtualbox
- Links to download the Files
- Add Cisco VIRL Router & Switch in GNS3
- GNS3 ASAv download and Import
- Install Eve-ng on Windows
- Add ASAv and ASA 9.15 images in Eve-ng
- Add Cisco vIOS Images on EVE-NG
- Add Windows host in Eve-ng
IPSec and DMVPN
- IPSec VPN Explained – Part-1
- IPSec VPN Explained – Part-2
- IPSec VPN Lab – Base Topology – Part – 1
- IPSec VPN Lab – Base Topology – Part – 2
- Limitations of IPSec
- GRE and IPSec over GRE
- IPSec Tunnel mode and Transport mode
- IPSec Static Virtual Tunnel Interface (SVTI)
- mGRE and NHRP
- DMVPN Phase – 1
- DMVPN Phase – 2 & 3
IKEV2 VPN
- IKEv2 lab topology and initial setup
- IKEv2 Overview
- IKEv2 Lab
- IKEv2 with SVTI
FLEX VPN
- Flex VPN Overview
- Flex VPN Lab
- Flex VPN Summary
Cisco ASA 9.x
- ASA Overview
- Understand ASA interface config (Zones(NameIf), Security-level)
- Security Levels Explained
- Default traffic flow with Security-Level
- Why DMZ?
- Same Security-Level
- Management Traffic to the Firewall
- ASA Initialization – Lab
- ASA thru traffic Default Behaviour – Lab
- Test your Knowledge
Routing on ASA
- Static & Default Routing
- RIP on Cisco ASA
- EIGRP on Cisco ASA
- OSPF on Cisco ASA
- BGP on Cisco ASA
- Redistribution on ASA
ASA ACL and Management
- Lab Initial config
- Cisco ASA Firewall ACL
- Controlling management traffic
- ASA interface as DHCP server
- ASDM on ASA
Nat on Cisco ASA
- NAT types on Cisco ASA
- NAT Overview
- Dynamic NAT
- Static NAT Explanation
- Static NAT Lab
- Destination NAT Overview (Twice NAT)
- Destination NAT Lab
- Dynamic Port Address Translation Overview
- Dynamic PAT Lab
- Static PAT Overview
- Static PAT Lab
- Policy / Manual NAT Overview
- Policy / Manual NAT Lab
Transparent Firewall
- Transparent Firewall Overview
- Router Config and Topology Explanation
- Transparent Firewall Initialization
- Understanding Flow of Transparent Firewall
- Ether-Type ACL
Virtualization in Cisco ASA
- Security Context – Part-1
- Security Context – Part-2
Interface Redundancy
- Redundant Interface
- Port Channel
Firewall Redundancy
- Failover – Active/Standby Overview
- Failover – Active/Standby Lab
- Failover – Active/Active Overview
- Failover – Active/Active Lab
- Clustering Overview
- Clustering – Individual Interface Mode Overview
- Clustering – Spanned Mode Overview
- Clustering – Spanned Mode Lab
ASA MPF (Deep Packet Inspection)
- ASA MPF Overview
- Inspecting ICMP in ASA
VPNs On ASA
- Understanding the VPN Topology
- Lab Initial Configuration
- LAN-To-LAN IPSec VPN on ASA
- VPN thru ASA using Public IP’s
- VPN thru ASA using NAT-T
- Web-Based VPN Overview
- Web-Based VPN(Clientless VPN) Lab
- Any Connect VPN (Client based VPN) Overview
- Any Connect VPN (Client based VPN) Lab
- Split-tunnel Any Connect VPN
Cisco’s NGFW FirePower Threat Defense (FTD) Introduction
- Cisco FTD Overview
- Introduction to Firepower services & Components
Bonus Lecture
- GET VPN Overview
- GET VPN – Lab
- SSL VPN Overview
- SSL VPN Lab
