So a single ISP isn’t cutting it anymore you need a backup just in case the primary fails and might as well add a second ASA into this design, more redundancy equals more up-time, right? On paper it sounds good but in the “real” world there probably is tipping point, more redundancy increases complexity. In this post we’ll aim to keep it simple, with setting up a Cisco ASA HA active/standby pair and then add in the second ISP. Let’s get started!
Let’s start out 2018 with private VLANs, with PVLANs the network gets a little more privacy added to it. When we have privacy on the network we can seclude certain parts of it. Essentially, “you can go about your business – move along, move along”. Private VLANs allow us to segment networks within a single VLAN. So in this post we’ll go over the types of PVLANs as well as setup a network topology with private VLANs, Let’s get started! Continue reading “Private VLANs”
From its older brother IGRP which was developed in 1980s to overcome the limitations of RIP, EIGRP was an “Enhanced” IGRP protocol. The main purpose of EIGRP was to overcome the limitations of classful networks and make EIGRP a classless routing protocol. During designing of this protocol a different convergence algorithm was used making EIGRP that “hybrid” between distance-vector and link-state routing protocols. In this post we’ll go over a basic design and setup for EIGRP, however instead of using the “classic way” let’s look at configuring EIGRP using named mode which is available in Cisco IOS starting in version 15.2
I got my hands on some Cisco Firepower 4100 units and after playing around with them I wanted to reset them to factory settings, essentially erase the “startup-config” on the FXOS. The Firepower units act a little differently than your normal Cisco IOS or ASA and you can’t just erase startup-config and reload the device, that would be too easy. (Edit: 7-21-17) After Gabriele made this comment it looks like you can. You also can follow the password recovery on this post which will also erases the configuration. Continue reading “Factory Reset Firepower 4100 & 9300”
In this configuration I’m at looking at using Microsoft NPS 2012 R2 as radius server and I’m going to skip the installation of NPS because it really is just a next, next, finish installation. In this demo I already have this NPS system connected to a Windows domain, my goal is to create role based access on Cisco IOS routers while using radius to login. I’ll have a couple for active directory accounts each them will represent different types of allowed access to these IOS routers. One account will get full administrative access while the other will only get read access, how cool cat is that 😉 !