Prevent BGP transit AS

• Post author:Admin
• Post published:June 13, 2024
• Post category:Cisco/IOS-XE

By default, BGP advertises all prefixes to External BGP neighbours. When a router is dual homed to two or more ISP using BGP, the local router could become as transit…

Continue ReadingPrevent BGP transit AS

BGP Path Selection

• Post author:Admin
• Post published:June 1, 2024
• Post category:Cisco/IOS-XE

BGP uses several attributes or metrics for the path selection process, this post discusses the BGP attributes used on Cisco IOS-XE routers/switches for path selection and provides configurations examples of…

Continue ReadingBGP Path Selection

FTD NAT Reflection

• Post author:Admin
• Post published:May 24, 2024
• Post category:Cisco/FTD

NAT Reflection on the FTD or ASA is a technique to allow communication of internal devices to access a server(s) located in either internal network or a DMZ, but by…

Continue ReadingFTD NAT Reflection

FTD registration with FMC

• Post author:Admin
• Post published:May 23, 2024
• Post category:Cisco/FTD

If using the Cisco Firepower Management Center (FMC) to manage sensors such as the FTD, secure communication must be established between the FMC and the FTD. A registration key is…

Continue ReadingFTD registration with FMC

Securing FTD TLS Ciphers

• Post author:Admin
• Post published:April 30, 2024
• Post category:Cisco/FTD

When using a Cisco FTD firewall for SSL/TLS Remote Access VPN, the appliance is enabled by default with TLS versions 1.0, 1.1 and 1.2. TLS versions 1.0 and 1.1 are…

Continue ReadingSecuring FTD TLS Ciphers

ASA Traffic Zones

• Post author:Admin
• Post published:April 23, 2024
• Post category:ASA/Cisco

ASA Traffic Zones The Cisco ASA supports Equal-Cost multi-Path (ECMP) using Traffic Zones feature. Multiple interfaces (up to 8) are assigned to a Traffic Zone, which lets traffic from an…

Continue ReadingASA Traffic Zones