ASA Clustering (Spanned EtherChannel)
The Cisco ASA supports clustering feature to combine up to 16 appliances, each cluster unit actively forwards transit traffic (unlikely failover), acting as a single unit. Adjacent switches statelessly load…
ASA Active/Active
The Cisco ASA supports Active/Active failover mode, which allows both ASAs to pass traffic, allowing load balancing of network traffic. Active/Active Key Points Requires using multiple context mode. Refer to…
ASA Multiple Context
The Cisco ASA hardware appliances (not virtual appliances) supports partitioning the ASA into multiple virtual devices, known as security contexts. Each context acts as an independent device, with its own…
ASA Dual ISP using IP SLA
This post describes how to configure a Cisco ASA firewall for redundant/dual ISP connections, using the IP SLA and track features. IP SLA will be configured in conjunction with the…
ASA tunnel internet over VPN
ASA tunnel internet over VPN In some circumstances organisations require routing internet traffic over an IPSec VPN back to the Data Centre and then access the internet from the Data…
Securing IOS-XE VPNs
Securing IOS-XE VPNs This post provides some guidelines in securing an IPSec VPN on a Cisco IOS-XE router to reduce the attack surface when acting as a VPN gateway. Disable…