Transcript
Cisco ASAv Configuration Lab (in progress)VMware and Linux basedCLI configuration only
Network topology created on GNS3
VMware topology diagram
Lab requirements
● Must be CLI configuration only● Create network topology in VMware● Configure services (DHCP, NAT and Identity NAT)● Configure object (network, services and groups) and ACLs● Layer 5-7 advanced inspection ● Configure site-to-site IPSec VPN● Enable SNMP and NetFlow● Use free Linux NMS based on Nagios OMD - Open Monitoring Distribution
DHCP Server configuration
Dynamic NAT/PAT configuration
Dynamic NAT/PAT configuration
Dynamic NAT/PAT configuration
Dynamic NAT/PAT configuration
Object Groups and ACLs configuration/verification
Object Groups and ACLs configuration/verification
Object Groups and ACLs configuration/verification
Object Groups and ACLs configuration/verification
Object Groups and ACLs configuration/verification
Layer 7 advanced inspection configuration/verification
Layer 7 advanced inspection configuration/verification
London-FW1(config)# flow-export destination MANAGEMENT 192.168.1.156 2055
London-FW1(config)# flow-export template timeout-rate 1
London-FW1(config)# flow-export delay flow-create 60
London-FW1(config)# logging flow-export-syslogs disable
London-FW1(config)# access-list IPANY extended permit ip any any
London-FW1(config)# class-map NETCLASS
London-FW1(config-cmap)# match access-list IPANY
London-FW1(config)# policy-map NETPOLICY
London-FW1(config-pmap)# class NETCLASS
London-FW1(config-pmap-c)# flow-export event-type all destination 192.168.1.156
London-FW1(config)# service-policy NETPOLICY global
top related