• No results found

CCNASv2_InstructorPPT_CH10

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "CCNASv2_InstructorPPT_CH10"

Copied!
143
0
0

Loading.... (view fulltext now)

Download now ( 143 Page )

Full text

(1)

CCNA Security v2.0

Chapter 10:

Advanced Cisco Adaptive Security

Appliance

(2)

10.0 Introduction

10.1 ASA Security Device

Manager

10.2 ASA VPN Configuration

10.3 Summary

(3)

Upon completion of this section, you should be able to:

Configure an ASA to provide basic firewall services using ASDM.

Configure an ASA to provide additional firewall services using ASDM wizards.

Configure management settings and services in an ASA using ASDM.

(4)
(5)
(6)

Verify Connectivity to

the ASA

Preparing the ASA

5505

(7)

ASDM Security

Certificate

ASDM Launch

Window

(8)

ASDM Security

Warning - 2

ASDM Security

Warning - 1

(9)

Smart Call Home

Window

Authenticate to Use

ASDM

(10)
(11)
(12)
(13)
(14)
(15)
(16)
(17)
(18)

Startup Wizard Starting

Point Window

(19)

Startup Wizard Interface

Selection Window

Startup Wizard Switch

Port Allocation Window

(20)

Startup Wizard Interface IP

(21)

Startup Wizard Address

Translation (NAT/PAT) Window

Startup Wizard Administrative

Access Window

(22)
(23)

ASDM VPN Wizards

ASDM Remote

Access VPN

Assistant

(24)
(25)
(26)
(27)
(28)

Configuring Hostname, Domain

Name, and Enable Password

Configuring a Master

Passphrase

(29)
(30)
(31)

Adding an Outside Interface

(32)
(33)

Advanced Outside Interface Settings

(34)
(35)

Enable Switch Ports

Apply

(36)

Manually Change

the System Time

Use NTP to Change the

System Time

(37)

Add an NTP Server

(38)
(39)

Configuring Routing

Configuring a Default

Static Route

(40)

Add Static Route Details

Add or Edit Route Window

(41)
(42)
(43)

Add Device Access Configuration Window

(44)
(45)
(46)
(47)
(48)
(49)
(50)

Adding a Network Object/Group

(51)
(52)
(53)

Adding a Service Object/Group

(54)
(55)
(56)

Diagramming Access Rules

Add Access Rule Window

(57)

Add Network Object Window

Creating a Network Object

for Public Addresses

(58)

Creating a Network Object for

Dynamic NAT

(59)
(60)

Static NAT in ASDM

(61)
(62)
(63)
(64)
(65)
(66)
(67)
(68)
(69)
(70)
(71)
(72)

Upon completion of this section, you should be able to:

Explain how the ASA supports site-to-site VPNs.

Configure remote-access VPNs on an ASA.

Configure remote-access VPN support using a clientless SSL VPN.

(73)
(74)
(75)
(76)

Basic ISR Configuration

(77)

Configure the IPsec and VPN ACL

(78)
(79)

Introduction Window

Peer Device

(80)

Traffic to Protect

Window

(81)

NAT Exempt Window

(82)
(83)
(84)
(85)
(86)
(87)
(88)
(89)
(90)
(91)
(92)
(93)

Clientless Login Web page

(94)
(95)

AnyConnect

Authenticate

Window

AnyConnect

(96)

AnyConnect Statistics

Window

AnyConnect

(97)

Cisco AnyConnect Secure Mobility Client is available on the following

platforms:

iOS

Android

BlackBerry

Windows Mobile

(98)
(99)

ASDM Assistant

Clientless VPN

Wizard

(100)
(101)

SSL VPN Interface

Window

Clientless SSL VPN

Introduction Window

(102)

User Authentication

Window

(103)

Configure GUI Customization

Objects Window

(104)

Select Bookmark Type

Add Bookmark List

Window

(105)

Revised Add Bookmark List

Window

(106)

Revised Bookmark List

Revised Configure GUI

(107)
(108)
(109)

Logon Window

(110)
(111)

Log Out of the Web Portal

(112)
(113)
(114)

Client-Based VPN Wizard

ASDM Assistant

(115)
(116)

Connection Profile

AnyConnect VPN Wizard

Introduction Window

(117)
(118)

Add AnyConnect

(119)

Add AnyConnect

Client Image Window

(120)
(121)
(122)

Add IPv4 Window

Client Address

(123)

Network Name Resolution

Servers Window

Completed Client Address

Management Window

(124)
(125)

Completed NAT Exempt

Window

(126)

AnyConnect Client

Deployment

(127)
(128)
(129)

Logon Window

(130)

Cisco AnyConnect VPN Client

Window

(131)
(132)
(133)

End-User Agreement Window

(134)

Ready to Install AnyConnect Client

(135)
(136)

Start the Cisco AnyConnect VPN

Cisco

Cisco AnyConnect VPN Client

Window

(137)

Cisco AnyConnect VPN Connect Window

(138)

Cisco AnyConnect VPN Authentication

Window

Cisco AnyConnect VPN Icon in

System Tray

(139)

Cisco AnyConnect VPN

Client Status

Verifying Connectivity to Internal

Network

(140)

AnyConnect SSL

VPN Configuration

settings:

NAT

WebVPN

Group policy

Tunnel group

(141)

Chapter Objectives:

Implement an ASA firewall configuration.

(142)
(143)

Remember, there are

helpful tutorials and user

guides available via your

NetSpace home page.

(https://www.netacad.com)

These resources cover a

variety of topics including

navigation, assessments,

and assignments.

A screenshot has been

provided here highlighting

the tutorials related to

activating exams, managing

assessments, and creating

quizzes.

1

2

References

Download now ( PDF - 143 Page - 10.18 MB )

Related documents

Erkam Publications 2013 / 1434 H

Make your intention by saying, “For the sake of Allah, I intend to pray the sunnah prayer for salat al-‘asr.” This is like the sunnah prayer for salat az-Zuhr, except in the second

Spontaneous imbibition in shale: A review of recent advances

Many important factors influencing imbibition, such as pore structure, pore size distribution, wettability, types of flowing space (organic pores/inorganic pores/ micro

BS 3533.pdf

Vacuum powder insulation 346 Vacuum reflective insulation 347 Valve box 440 Vapour barrier 348 Vapour check 349 Vapour permeability 141 Vapour permeance 140 Vapour resistance 142

Cisco UCS B440 M2 Blade Server

Figure 8 Emulex or QLogic I/O Adapter to UCS 2204/2208XP Fabric Extender (no slot 1 adapter) NOTE: External bandwidth is a function of both the fabric extender and the

Quest Domain Migration Wizard. User Guide Version 6.1

Agent Manager, Exchange 5.5 Processing Wizard, Exchange 2000 Processing Wizard, Directory Processing Wizard, SMS Processing Wizard, and SQL Processing Wizard will perform their

Highly Energy-Efficient On-Chip Pulsed-Current-Mode Transmission Line Interconnect

On-chip interconnects using RC lines have better characteristics in terms of area per bit than TLIs; this is because of the fine line width of the RC lines.. However, the

ABRIDGED AUDITED FINANCIAL RESULTS FOR THE YEAR ENDED 31 MARCH 2014

The impact of the debt conversion and subsequent transfer of shares to iCapital on the abridged consolidated statement of changes in equity is a decrease in the

Authentication, Authorization and Accounting Provided by Diameter Protocol

The Diameter Quality of service application provides AAA for quality of service reservations [15]. This means that a reservation request can be authenticated and authorized