Category Archive: Cisco ASA/FWSM

Aug 20

Hybrid solution using RackConnect – how it works

Hosting environments can be dedicated or cloud based. In recent years more and more organizations have combined both architectures to achieve scalability, performance and cost reduction. Rackspace, a hosting company that developed OpenStack and is one of the leading providers of cloud solutions, offers a hybrid solution called RackConnect. In summary, RackConnect provides a physical link between dedicated …

Aug 20

Limiting connections rate for traffic destined on HTTP and HTTPS

In our example we are going to restrict the number of connections coming from the outside interface (Internet) on ports 80 and 443 to the local environment. Setting up this limit will protect internal web servers against receiving too many connections, such as in DDoS attacks and SYN attacks. We limit the maximum number of established connections to 1000. Embryonic (half-open) connection …

Aug 17

Reset-O on ASA/FWSM

The Reset-O TCP flag means that the Reset is from the Outside. Here is the syslog message reference: http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/system/message/logmsgs_external_docbase_0900e4b18059d73b_4container_external_docbase_0900e4b180ef4f45.html#wp1280675

Aug 15

Junos for Cisco engineers

Jul 30

Troubleshooting ISAKMP (IKE Phase 1) Negotiation on Cisco ASA

Troubleshooting VPN issues may be a time-consuming and frustrating task. In most cases the firewall will help us fix the issue, but we have to know how to read the messages it provides. We will look into ISAKMP Phase 1 negotiation states and possible reasons for problems establishing an association on a Cisco ASA firewall. In order …

Jul 27

Entering a ? (Question mark) into Cisco IOS command

To get a question mark “?” into Cisco IOS configuration from the command line, simply type “Ctrl + V”, and then enter the “?” character. An example use for this would be a user password that includes the “?” sign.
