FTD Geolocation

• Post author:Admin
• Post published:November 9, 2024
• Post category:Cisco/FTD

Cisco Firepower Threat Defense (FTD) can filter traffic based on the Geolocation of the source IP address. A Geolocation database (GeoDB) is a database of geographic data (such as country,…

Continue ReadingFTD Geolocation

ASA dual ISP backup VPN

• Post author:Admin
• Post published:September 19, 2024
• Post category:ASA/Cisco/VPN

This post covers the configuration of a policy-based Site-to-Site VPN on a single Cisco ASA Firewall (or HA failover pair) with dual internet connections on the head-end ASA. Topology The…

Continue ReadingASA dual ISP backup VPN

ASA Dynamic VTI

• Post author:Admin
• Post published:September 16, 2024
• Post category:ASA/Cisco/VPN

Cisco Secure Firewall ASA version 9.19 introduces the Dynamic Virtual Tunnel Interfaces (DVTI) route-based VPN, which is an alternative to a policy-based VPN (crypto map). VTI is always up, unlike…

Continue ReadingASA Dynamic VTI

ASA Active/Active

• Post author:Admin
• Post published:September 9, 2024
• Post category:ASA/Cisco

The Cisco ASA supports Active/Active failover mode, which allows both ASAs to pass traffic, allowing load balancing of network traffic. Active/Active Key Points Requires using multiple context mode. Refer to…

Continue ReadingASA Active/Active

ASA Multiple Context

• Post author:Admin
• Post published:September 8, 2024
• Post category:ASA/Cisco

The Cisco ASA hardware appliances (not virtual appliances) supports partitioning the ASA into multiple virtual devices, known as security contexts. Each context acts as an independent device, with its own…

Continue ReadingASA Multiple Context

ASA Dual ISP using IP SLA

• Post author:Admin
• Post published:September 5, 2024
• Post category:ASA/Cisco

This post describes how to configure a Cisco ASA firewall for redundant/dual ISP connections, using the IP SLA and track features. IP SLA will be configured in conjunction with the…

Continue ReadingASA Dual ISP using IP SLA