Category: Firewalling
Microsoft Outlook through Citrix Access Gateway SSL IP VPN
One of our customers wants you use their locally installed Microsoft Outlook through a Citrix Access Gateway (CAG). Sales people from that customer travel through the country and use the Outlook offline to read or prepare e-mail to send later. These people use UMTS technology to connect their laptops to the Internet. The customers wants … Read More
Failed to establish VPN through PIX
We migrated our Internet connection lately and reconfigured our PIX firewall. We added some memory to install the latest firmware version (8.0(4)). After putting the PIX firewall in production some of the employees were complaining they couldn’t establish any PPTP VPN Tunnels anymore to customers. Every time when some one called me, I tried it … Read More
Configuration Example, Firewalling
Secure Copy Server Cisco ASA
Lately there are a lot of changes in the firmware and the ASDM for the Cisco ASA firewalls. This means a lot of copying from files to the flash memory of the specific appliances. Normally when upgrading the software from an appliance I use a computer on the customer network. This could be my own … Read More
Cisco Firewall Design and Deployment
The session about firewall design and deployment didn’t reveal a lot of new things about the Cisco ASA appliance or FWSM module. The only new thing for me was the possibility to configure a redundant interface for a Cisco ASA appliance. The screen shot below shows the cabling scheme for an implementation with and without … Read More
Cisco IOS Security
The first session I attended is about Deploying IOS Security. The session is about using the Cisco IOS as firewall to protect branch offices. We discussed normal classic firewalling and zone-based firewalling. I normally use classing firewalling, but I guess I have to try zone-based firewalling in the future. The advantage of zone-based firewalling is … Read More
Configuration Example, Firewalling
PIX / ASA – Threat Detection
From software release 8.0 and later the Cisco PIX and Cisco ASA firewalls support the feature called Threat Detection. In the default configuration Basic Threat Detection is enabled on the security appliance. Using Threat Detection the appliance monitors the rate of dropped packets and security events due to these reasons (Source): Denial by access lists; … Read More