Unicast Reverse Path Forwarding (uRPF)

• Post author:Admin
• Post published:June 28, 2024
• Post category:ASA/Cisco/IOS-XE

Unicast Reverse Path Forwarding (uRPF) Unicast Reverse Path Forwarding (uRPF) is a security feature on Cisco ISR routers and ASA or Secure Firewall Threat Defence (FTD) firewalls, that enables the…

Continue ReadingUnicast Reverse Path Forwarding (uRPF)

Prevent BGP transit AS

• Post author:Admin
• Post published:June 13, 2024
• Post category:Cisco/IOS-XE

By default, BGP advertises all prefixes to External BGP neighbours. When a router is dual homed to two or more ISP using BGP, the local router could become as transit…

Continue ReadingPrevent BGP transit AS

BGP Path Selection

• Post author:Admin
• Post published:June 1, 2024
• Post category:Cisco/IOS-XE

BGP uses several attributes or metrics for the path selection process, this post discusses the BGP attributes used on Cisco IOS-XE routers/switches for path selection and provides configurations examples of…

Continue ReadingBGP Path Selection

FTD NAT Reflection

• Post author:Admin
• Post published:May 24, 2024
• Post category:Cisco/FTD

NAT Reflection on the FTD or ASA is a technique to allow communication of internal devices to access a server(s) located in either internal network or a DMZ, but by…

Continue ReadingFTD NAT Reflection

FTD registration with FMC

• Post author:Admin
• Post published:May 23, 2024
• Post category:Cisco/FTD

If using the Cisco Firepower Management Center (FMC) to manage sensors such as the FTD, secure communication must be established between the FMC and the FTD. A registration key is…

Continue ReadingFTD registration with FMC

Securing FTD TLS Ciphers

• Post author:Admin
• Post published:April 30, 2024
• Post category:Cisco/FTD

When using a Cisco FTD firewall for SSL/TLS Remote Access VPN, the appliance is enabled by default with TLS versions 1.0, 1.1 and 1.2. TLS versions 1.0 and 1.1 are…

Continue ReadingSecuring FTD TLS Ciphers