This book discusses how to connect your company sites together using a LAN to LAN IPsec VPN using Cisco ASA firewalls. It will be using the latest IPsec features like IKE v2 and SHA 3 and also discussing using a Cisco router as a certificate authority (IOSCA). There will be two IPsec setups, one using “pre-shared keys” and the other using “digital certificates”. This book is designed so that you could use it as a guide to build your own lab and configure the features discussed.
I will be using the ASA CLI and not the ADSM in this book as it is easier to use and more powerful. The ASDM is very useful for management after the ASA has been configured.
The ASA will be based upon a 5510 with version 8.4 but a lot of the configuration will work on previous versions of the code and on other platforms except NAT. The reason for this is that NAT completely changed from version 8.3 onwards.
Pickenfield Publishing:
At Pickenfield Publishing, we have a goal to create interesting and in-depth technical books. Each book is thoughtfully put together with care and precision. If you notice any errors in this book or information you think we should include, please do not hesitate in contacting us.
Contact: admin@pickenfield.com
Author:
Grant Wilson is the author of the “Cisco Pocket Guide” series of books. He is CCIE security #26667 and currently works for a major IT out sourcing company as a network architect. He spent 15 years of his IT career as a Cisco trainer (CCSI) teaching many Cisco certified classes. He lives near Oxford in England with his wife and three children.
Grant runs a website which is in his kitchen and is protected by an IOS firewall, ASA firewall, IOS IPS and an IPS sensor.
He holds the following certifications:
-CCIE - Security (Cisco) - #26667
-CCSI (Cisco) - #23077
-CCSP (Cisco)
-CCNP (Cisco)
-JNCIS Security (Juniper)
-JNCIA (Juniper)
-CCSA (Checkpoint)
-CCNA (Cisco)
-CCDA (Cisco)
-MCSE (Microsoft)
-MCT (Microsoft)
-Cisco Firewall Specialist
-Cisco Content Networking Specialist
-Cisco Network Management Specialist
-Ironport certified trainer
-Cisco Borderless Networks R and S Support Specialist
-Bsc Electrical and electronic engineering
-MA Digital Music Technology
I will be using the ASA CLI and not the ADSM in this book as it is easier to use and more powerful. The ASDM is very useful for management after the ASA has been configured.
The ASA will be based upon a 5510 with version 8.4 but a lot of the configuration will work on previous versions of the code and on other platforms except NAT. The reason for this is that NAT completely changed from version 8.3 onwards.
Pickenfield Publishing:
At Pickenfield Publishing, we have a goal to create interesting and in-depth technical books. Each book is thoughtfully put together with care and precision. If you notice any errors in this book or information you think we should include, please do not hesitate in contacting us.
Contact: admin@pickenfield.com
Author:
Grant Wilson is the author of the “Cisco Pocket Guide” series of books. He is CCIE security #26667 and currently works for a major IT out sourcing company as a network architect. He spent 15 years of his IT career as a Cisco trainer (CCSI) teaching many Cisco certified classes. He lives near Oxford in England with his wife and three children.
Grant runs a website which is in his kitchen and is protected by an IOS firewall, ASA firewall, IOS IPS and an IPS sensor.
He holds the following certifications:
-CCIE - Security (Cisco) - #26667
-CCSI (Cisco) - #23077
-CCSP (Cisco)
-CCNP (Cisco)
-JNCIS Security (Juniper)
-JNCIA (Juniper)
-CCSA (Checkpoint)
-CCNA (Cisco)
-CCDA (Cisco)
-MCSE (Microsoft)
-MCT (Microsoft)
-Cisco Firewall Specialist
-Cisco Content Networking Specialist
-Cisco Network Management Specialist
-Ironport certified trainer
-Cisco Borderless Networks R and S Support Specialist
-Bsc Electrical and electronic engineering
-MA Digital Music Technology
