Monthly Archive: October 2015

Oct 20

How to copy files to cisco ASA via SSH

There’s number of ways to copy files to Cisco ASA firewall. Most common example is TFTP we all learned to use on CCNA course or reading articles on the Internet. There’s are two issues to this method: First problem is security as TFTP use clear text transmission is not preferred method from security standpoint . …

Continue reading »

Oct 15

IPMI Security Best Practices

IPMI-Block-Diagram

Great document created by Dan Farmer regarding IPMI security and best practices. Must do read for all Sys Admins and Security Engineers. IPMI Security Best Practices

Oct 09

How to Enable IPSec Traffic Through a Firewall

IPSec does not disturb the original IP header and can be routed as normal IP traffic. Routers and switches in the data path between the communicating hosts simply forward the packets to their destination. However, when there is a firewall or gateway in the data path, IP forwarding must be enabled at the firewall for …

Continue reading »

Oct 06

Configuring IPsec or SSL VPN to Bypass ACLs

To permit any packets that come from an IPsec or SSL VPN tunnel without checking ACLs for the source and destination interfaces, enter the sysopt connection permit-vpn command in global configuration mode. You might want to bypass interface ACLs for IPsec or SSL VPN traffic if you use a separate VPN concentrator behind the ASA …

Continue reading »