Good ASA book... not for cert

Good evening all:

I'm struggling with this ASA 5505 that I'm setting up for someone and would like a recommendation on a good reference book. I'm not interested in any Cisco certs, just a good guide... maybe a 200-300 level assuming the reader has networking knowledge and some basic firewall and security understanding.

Thanks in advance

Find more posts tagged with

Comments

shednik

Hey blargo,

What version of the OS are you running on there? 8.x i'm assuming....here are a few but they are based off of 7.x

Amazon.com: Securing Your Business with Cisco ASA and PIX Firewalls (Networking Technology): Greg Abelar: Books

This ones 800+ pages but good
Amazon.com: Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (Networking Technology): Omar Santos, Jazib Frahim: Books

And with all honesty the config guides on Shortcut Redirect - Cisco Systems are really well put together, I learned the most before my course in those docs.

What are you having trouble with specifically?

blargoe

shednik wrote: »

Hey blargo,

What version of the OS are you running on there? 8.x i'm assuming....here are a few but they are based off of 7.x

Amazon.com: Securing Your Business with Cisco ASA and PIX Firewalls (Networking Technology): Greg Abelar: Books

This ones 800+ pages but good
Amazon.com: Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (Networking Technology): Omar Santos, Jazib Frahim: Books

And with all honesty the config guides on Shortcut Redirect - Cisco Systems are really well put together, I learned the most before my course in those docs.

What are you having trouble with specifically?

I'm using 8.x. I've had this thing in my home network for a while but haven't had time to mess with it much. I set up VPN a while back and have just been using it as my home firewall/router until I had time to do more. Fast forward to this week, now there is someone I know who is in need of a new firewall for their small business and I was just trying to work with my device at home to get familiar with the settings that he'll need at his office... Basic stuff like allowing smtp and https into his Exchange server.

I think I'm on the right track now. Rookie mistake that I should have caught. I was having issues with the access list, I did

access-list inside_access_in extended permit ip any any
access-group outside_access_in in interface outside

and thought that would allow all traffic from the outside while I learned how to do NAT on this thing, but it kept blocking everything I was trying to send inside the network. I later put in

tcp any any

which allowed me to access all of my services from outside, and was able to figure out NAT and finally lock back down the access list to something more appropriate.

I'm still going to check out those resources though. I'm going to be doing more with these devices in the future.

Thanks

dynamik

You're not using ADSM? Wow, you're pretty bad-ass for a Windows guy!

Let me know what you figure out. I need to get on this as well.

blargoe

I started my career in Linux... I have no fear of CLI

...

I started out trying to configure this in ADSM, but when I started looking online for help, everything I found referred to commands instead. Which was OK, I just found myself trying to remember command line syntax from like 8 years ago, which was more or less the last time I worked with Cisco stuff. I found that I retained almost nothing.

ADSM "help" is crap.

shednik

I actually use ASDM a good bit now...I like that you can configure whatever you'd like and it gives you the commands it generated before sending it to the ASA. This page right here was my bible for the first few weeks have guides for the CLI and ASDM.

Cisco ASA 5500 Series Adaptive Security Appliances Configuration Guides - Cisco Systems

As far as the access lists go they are similar to IOS except when using specific networks you use the general subnet mask rather then a wildcard.