New job - need ASA practice

tr1x

A new job I'll be starting requires the daily use of ASA's and VPN tunnels. What would you guys recommend I read to get more familiar with this stuff before I start the job? Is there any way of putting together a cheap lab with an ASA? I have routers and switches already.

ThunderPipe

Hmmm...I manage my company's VPNs. ASA5520's and ASA5505's. Everything I know I've learned from someone else, or troubleshooting them myself. I've looked through Cisco's site and googled the mess out of them when something went wrong. But I'm at a loss for external resources really. I've learned a lot though. Any particular questions? I think the CCNA security route goes over ASAs.

I'd consider posting this in the CCNA/CCNP forums for more views and replies.

tr1x

I don't have any specific questions, I just want to be familiar with everything for when I start. I haven't worked on a PIX or ASA in over a year. I have to take the CCNA Security through WGU anyway, maybe I should just buy a CCNA Security book and study that to get more familiar?

docrice

The CCNA Security doesn't cover ASAs. You have to look at the CCNP Security level for that. There's also a bit of difference between the code versions before and after the 8.3 release, namely in the NAT department.

While there are a number of books on ASAs on the market, you can also just read the user guide from Cisco:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/asa_84_cli_cfg.pdf

tr1x

That sounds like a good idea, thanks docrice!

terryfera

If you're looking for something to practice on the ASA 5505's are fairly cheap on ebay (around the $200 mark it looks) and with the equipment you already have you can play with VPN tunnels (ASA to Router) or some of the other single ASA features.

I have a copy of this book: Securing Your Business with Cisco ASA and PIX Firewalls: Amazon.ca: Greg Abelar: Books
I wouldn't recommend it unless you're looking for a basic overview of ASDM.
This book on the other hand goes in to much more detail: Cisco Firewalls: Amazon.ca: Alexandre M.S.P. Moraes: Books

You can also look at getting an ASA image working in GNS3, a quick google search should point you in the right direction

Sett

"ASA: All in one" is a nice book. It helped me a lot when I had to start working with ASA/FWSM and I hadn't had previous experience with that.

phoeneous

This helped me when I first started out on the ASA's. Nothing buts real equipment though.

Cisco Firewall Video Mentor (Video Learning)

VAHokie56

I got my asa up in GNS3...there are some pretty decent you tube videos out there that go over basics.

VAHokie56

phoeneous wrote: »

This helped me when I first started out on the ASA's. Nothing buts real equipment though.

Cisco Firewall Video Mentor (Video Learning)

Oh boy... David Huckaby will put you to sleep, drink some AMP before you watch those

tr1x

Thanks a lot for the responses. I'll get one set up in GNS3 for now and take a look at some of those books while I go through the pdf docrice posted.

MrBishop

There is a demo gui that you can use to get familiarized with the product. It's called Cisco ASDM Demo check here: Cisco Adaptive Security Device Manager - Products & Services - Cisco Systems