Read book The Accidental Administrator: Linux Server Step-by-Step Step-by- Step Configuration Guide: 1 by Crawley, Don R () Paperback pdf download Administrator: Cisco Router Step-By-Step Configuration Guide. The Accidental Administrator: Cisco Router Step-by-Step Configuration Guide The Accidental Administrator: Cisco Asa Security Appliance: A Step-By-Step. The Accidental Administratortm: Cisco Router Step-by-Step Configuration Guide is packed with more than 30 easy-to-follow interactive.
|Language:||English, Spanish, French|
|ePub File Size:||27.34 MB|
|PDF File Size:||16.38 MB|
|Distribution:||Free* [*Regsitration Required]|
Editorial Reviews. About the Author. Don R. Crawley, CCNA Security, Linux+, shares his 35 Your easy-to-follow step-by-step guide to configuring a Cisco router from the ground up! The Accidental Administratortm: Cisco Router Step-by- Step. Your easy-to-follow step-by-step guide to configuring a Cisco router from the ground up! With The Configuration Guide (Volume 1) By Don R lesforgesdessalles.info The Accidental Administrator®: Cisco Router Step-by-Step. Configuration Guide. From IT author Don R. Crawley. Available in both paperback and Kindle.
In this sample. Search for a book to add a reference. I found a website which specializes in such adapters and found one that was Windows logo certified. The most basic firewalls. You can think of user mode as a read-only mode.
If no other object has been configured. This command is not used on the ASA 55x0 appliances. The network option states that this particular object will be based on IP addresses. It can also be used in conjunction with access-lists to send specific types of traffic to specific hosts on specific subnets. The interface command tells it to use whatever address is configured on the outside interface. Of course. The above commands create a very basic firewall. Just Beyond the Basics Other commands to use include hostname to identify the firewall.
NAT 0 is used to prevent the specified group of addresses from being translated. If your ASA is running a version earlier than 8. In this sample. In the following sample. NAT is enabled on the inside interface for hosts on the Use the command show version to display the software version running on your ASA.
Log in with a blank username and password. Identify the logical VLAN interfaces. IP Addresses. Internet access.
It is also necessary to connect the outside interface to the public Internet using an Ethernet cable. Exercise Steps Assign Interface Names. Enter N for no. Assign IP addresses to the logical interfaces. Use a static address on the inside interface and a DHCP assigned address on the outside interface: The ASA will now ask if you wish to enable anonymous reporting. Assign physical interfaces to each of the logical interfaces and enable the physical interfaces: Starting the basic configuration 4.
Configure the address on the outside interface: In this example. Check the software version with Configure a default route: This can happen even on a brand new ASA. Test your configuration by attempting to connect to a public website from your PC such as http: This book is based on software version 9. Right-click on Local Area Connection for the wired connection and select Properties f. If your software is earlier than 8.
IP address: If you have problems running ASDM. Click on Network and Internet Connections c. Default gateway: DNS server: Assign a static IP address to your management workstation to test your configuration the following steps are for computers running the Windows 7 operating system: With the Java plugin.
Click on Network and Sharing Center d. Test the Configuration 8. Click on Change Adapter Settings e. When you have successfully connected to the website.
Subnet mask: Click OK as needed to save the configuration and exit the applet. Select the radio button labeled Use the following IP address and enter the following parameters: Enter the following commands to reset your ASA to factory defaults if your appliance asks to save the configuration.
Enter configuration mode: The ASDM includes several wizards to assist in tasks such as building an initial configuration. Exercise Diagram This exercise uses the same diagram as the previous exercise. A Cisco support contract is required for most downloads. Set your ASA to its factory default configuration with the following commands in configuration mode: Exercise Prerequisites The prerequisites for this exercise are the same as for the previous exercise. You can download the demo program from http: When your ASA finishes reloading.
In the Command Line Interface window that appears. Some may require slight adjustments. You should now see an IP address of This exercise requires that you have completed exercise 1.
You should see an IP address of Select the radio button labeled Obtain an IP address automatically. If you do not see these values. It is also necessary to connect the outside interface to the public Internet Reset your management workstation to obtain an IP address automatically: In the Run dialog box.
Click on Network Connections d. If your software and ASDM versions are different.
Right-click on Local Area Connection and select Properties e. As long as your ASA software version is at least 8. This configuration will be the basis for all subsequent exercises.
On your PC. An ASDM warning 6. Enter the following URL in the Run dialog window: After several seconds. For the purpose of this exercise. If it appears. To deal with this error. If a button is visible in the lower right-hand corner of the screen labeled Run Startup Wizard.
If a button is visible at the bottom of the screen prompting you to install Java.
You might also have to tell your browser to keep a file named startup. Different browsers have different ways of dealing with Java.
It will. Java will take some time to install and may appear to stall. Creating a Java exception in the Java control panel 7. Click Yes or OK on all subsequent security warnings. When Java Runtime is completed. You will receive several security warnings and additional requests for authentication.
Click the button in the lower right-hand corner of the screen labeled Run Startup Wizard. Simply click it to install Java. Starting the ASDM startup wizard You must say yes when prompted in order to use the ASDM. The Startup Wizard: Starting Point window will appear. Click the button labeled Next. Enter soundtraining. Leave the Old Password field blank and enter p ss for the New Password and confirm it.
The initial authentication request. You can enter any domain you want. Inside VLAN: Leave the default settings in place VLAN 1. I use soundtraining. If you have that option. The Interface Selection window appears. Ensure that the radio button for Modify existing configuration is selected and click the button at the bottom of the window labeled Next. A Cisco Smart Call Home window will appear. Basic Configuration window will appear. Check the box labeled Change the privileged mode enable password.
If a Windows security alert appears. Outside VLAN: Leave the default settings in place VLAN 2. Configure the settings on this page as follows: The Switch Port Allocation page appears. In the Inside IP Address section, leave the default settings in place DNS Server 1: DNS Server 2: WINS Server 1: WINS Server 2: Lease Length: Ping Timeout: Domain name: The Administrative Access page appears. The default settings allow access from the It is not necessary to make any changes. You can also enable SSH and Telnet access on this page, but you will do that manually later in the book.
The Startup Wizard Summary page appears. When you are satisfied, click the button labeled Finish. The device will prompt you for a username and password. Leave the username field blank and enter p ss for the password.
This is a feature which was introduced into the ASA firewalls in software version 8. Smart Call Home allows for periodic monitoring of the firewall device. It provides real-time troubleshooting information to the Cisco Technical Assistance Center. For the purpose of this exercise, do not enable Smart Call Home. For more information about its capabilities, see the video at http: Previewing Commands Configure the ASDM to allow you to preview the commands you enable before sending them to the device with the following commands:.
In the Preferences window, under the General tab, check the box to Preview commands before sending them to the device. Hands-On Exercise 2. In the following exercises. Unlike the start of chapter one. In the following exercise. Out of the box. You will connect your management workstation to the ASA security appliance using both the serial console cable and an Ethernet cable.
Exercise Steps In its default configuration. After a few seconds. If not. You should get four replies back from the ASA. In the command prompt window.
Type cmd 3. Click on the menu option Change Settings. Name the file asainfo. When the output finishes displaying. Click Apply. Create a folder on your management workstation to store all of your configuration files: On your management workstation. Setting terminal pager to 0 disables paging. In the Log file name field. On the right-hand side of the Reconfiguration window. Review and Backup Configuration Information Exercise Prerequisites This exercise requires you to have a folder on your management workstation in the root of your C drive named myconfigs.
Double-click on it to open it and view the contents. If your PC displays a single text- heavy paragraph instead of a nicely formatted configuration file. Find the folder c: Configuring PuTTY for logging The top of the output of the show version command. The number of supported VLANs will vary based on the license. Scroll farther down through the file to the licensed features section.
How many inside hosts are supported with this license? The number varies based on the license. A with a base license. What is the system image file and where is it stored?
The system image file will have a name similar to asak8. How many AnyConnect Premium Peers are supported with this license? As with the number of inside hosts. Depending on the type of ASA you have. This ASA supports 50 inside hosts. How about other VPN peers? Licensed features for the ASA How long has the ASA been up? This ASA has been up for 2 hours and 10 minutes. How many physical interfaces are supported on this ASA? This ASA has eight physical interfaces. Both are stored in flash memory.
License information Scroll to very bottom of the file. The configuration register is a bit software value that tells the device how to boot. What is the serial number of this ASA? What is the configuration register for this ASA?
What type of license is associated with this ASA? This ASA has a Base license. The configuration file is called startup-config. Notice the activation key. The software image has a filename similar to asak8. Change the TFTP root folder to c: If you need to manually configure the port number on your firewall.
Start it. On an Internet-connected PC. When the installation completes. It may also be necessary to configure the Windows firewall to allow incoming TFTP connections by clicking the button labeled Unblock.
In the TFTP server application window. If you have multiple interfaces configured on your management workstation. After you download the TFTP server. If yours is different.
Source filename [running-config]? Configuring Tftpd Hands-On Exercise 2. Exercise Prerequisites The prerequisites are the same as used in the previous exercise. When the transfer is completed. You will then restore the backed up configuration from the previous exercise. Destination filename [running-config]? If you do the following steps correctly. Confirm the transfer by checking for the file in the TFTP root folder.
Backing Up. Exercise Steps Rename your security appliance with the following commands: Address or name of remote host [ Prerequisites The prerequisites are the same as used in the previous exercise. Exercise Diagram The exercise diagram is the same as used in the previous exercise.
When you make the decision to proceed. Copy the software image to your TFTP server with the following commands: You can watch the progress in the TFTP server console window. The decision to upgrade is usually based on the desire to address security vulnerabilities or to take advantage of new capabilities.
Plan on performing the upgrade during a slow time. Address or name of remote host ? Familiarize yourself with any command syntax changes. This is also a good time to take a short break. If your security appliance is running a different version of the software. The procedures for backing up the ASDM image are identical to those above. In a real-world setting. It has a filename similar to asdm This process can take several minutes. Your security appliance console output will display many lines of exclamation marks as it copies the software to the TFTP server.
The software image to which I will upgrade is Click the Show Dir button to list the contents of the current directory. You must also ensure that your ASA meets the minimum hardware requirements for the software version you choose to download and install. In the next exercises. You can download the latest version from cisco. Use the command del disk0: You can use the Browse button to set the directory.
Viewing the contents of flash memory 2. On the TFTP server. You can upgrade using either the command line or the ASDM. As you can see in the following screen capture. Exercise Prerequisites In addition to the prerequisites for the previous exercise.
Visit http: The copy process may take a while. Viewing the contents of the TFTP root directory 4. Try it on the next command. When it completes. Use your mouse to select the software image filename. Type the command up through the last forward slash. In PuTTY.
You can then simply right-click to paste the copied text into the terminal window at the position of the cursor. I recommend leaving the old version in place. Viewing the new software image in flash memory 8. As with the previous exercise. If you leave the old software version in flash. In my experience. Checking the size of the image in the TFTP server 3.
Deleting a file from flash memory Checking the amount of free memory 2. As you can see in the screen capture. If your ASA is similarly configured. See the Cisco authorized reseller where you purchased your ASA for information about purchasing a support contract. Copying the ASDM image into flash memory 6. Once again. You can also use the ASDM to upgrade software from your local computer.
Like all software vendors. Watch it at http: Use the command copy tftp: If you have enough flash memory for both the old and new ASDM images and you want to specify which one to use.
Cisco makes slight changes in their software from one version to another. Your upgrade experience should be similar.
The following steps cover upgrading directly from Cisco. Click Next. Exercise Diagram Figure Diagram for installing software directly from Cisco. Upgrading software in the ASDM 2. In the ASDM menu bar. Depending on your current software versions. Select the desire option s and click Next. Starting the upgrade process in the ASDM 3. Choosing versions for the upgrade A confirmation window appears. Viewing the upgrade in progress The download.
Confirming details of the upgrade 6. The progress bars will indicate when the installation process is complete. Ensure the box labeled Save configuration and reload device now is checked. Another window will appear confirming completion.
Click Finish. The completed upgrade 8. A Reload Status window appears notifying you that the device is shutting down. The first command tells the device to use the new ASDM image. The second command tells the device to use the new ASA software image.
Previewing upgrade commands Click Send. Confirming a completed upgrade 9. If you have configured the ASDM to preview commands before sending them to the device.
When you re-connect to the ASDM. Exiting from the upgrade process and reloading the ASA Exercise Steps In this exercise. Manually assign the static IP address of Notice that it no longer has an address on the It is not necessary to assign a default gateway nor any other IP parameters. Enter the following command to reload your security appliance: You may also have to adjust the IP addresses and filename to reflect those in use on your network: In rommon.
Review the previous configuration to ensure that all information has been entered correctly and that the IP addresses listed in this document correspond to the actual IP addresses in use on your LAN segment. ROM Monitor mode is used for repairs and diagnostics.
When you are satisfied that everything is correct. Reset your management workstation to obtain an IP address automatically. If you happen to make a mistake.
In this exercise. Both can be downloaded at http: In the real world. Windows systems. There are eight levels of logging which determine the amount of information sent to the logging server.
Linux and UNIX systems include syslogd which can be configured to accept logging information from external sources. Syslog operates over UDP port Free tools such as tftpd32 http: Logging severity levels in syslog Hands-On Exercise 3. Identify the syslog server: The network diagram for using syslog The tftpd32 or tftpd64 software you installed earlier includes a syslog server.
Add timestamps to the logging entries: Enable Remote Logging Enable remote logging on your security appliance with the following commands in global configuration mode. Configure the level of logging: Unlike chapter one.
Tell the ASA to identify itself by its hostname in the logging entries: Configuration of the ASA is the same. Now that you have made additional changes to your configuration. You might. Change the logging level to warning and notice how much quieter syslog becomes: There are commercial products such as KiwiSyslog offering a much more extensive feature set. Execute a ping to a non-existent address: I want to introduce you to the competence charisma four quadrant model for IT career success.
Discover new books on Goodreads. Sign in with Facebook Sign in options. Join Goodreads. Don R. Add New. Kelsye Nelson. Crawley Goodreads Author. Business , Nonfiction , Spirituality. Learn more. To ask Don R. Crawley questions, please sign up. Combine Editions. Crawley Average rating: Want to Read saving…. Siva Murugesan rated it really liked it Nov 14, Manoske rated it really liked it Apr 05, Rajiv Mural rated it it was amazing Feb 04, Me rated it really liked it Jun 09, Robert Chan rated it really liked it Dec 11, Ashwing77 marked it as to-read Jun 17, Befekadu marked it as to-read Jun 28, Nelson is currently reading it Jul 03, Salim marked it as to-read Jul 11, Rahamihi is currently reading it Jul 14, Manish Patel marked it as to-read Sep 29, Bob Djassimon marked it as to-read Oct 08, Abdimalik marked it as to-read Jan 19, Shyam marked it as to-read Jan 22, Ricardo Romero marked it as to-read Feb 24, Moahmmed Subhan marked it as to-read Mar 12, Fayyaz Shah marked it as to-read Apr 29, Mohd B added it May 19, Shyam marked it as to-read Jul 20, Arvin Salazar marked it as to-read Aug 18, Nilesh Kirve added it Aug 27, Mominur marked it as to-read Aug 31, Shahariar Sarkar marked it as to-read Nov 11, Bugs marked it as to-read Nov 14, Basha marked it as to-read Nov 30, Binyam marked it as to-read Dec 10, Maicon Sousa marked it as to-read Dec 22, Illumi marked it as to-read Jan 27, Ashwin Jadhav added it Feb 22, Mithun Dey marked it as to-read Feb 26, Sandeep Kumar marked it as to-read Mar 22, Seun Adeleke marked it as to-read Apr 29, Lucian Mot marked it as to-read Sep 24, Aum Patel marked it as to-read Oct 12, There are no discussion topics on this book yet.