Содержание
- 2. Chapter Outline 10.0 Introduction 10.1 ASA Security Device Manager 10.2 ASA VPN Configuration 10.3 Summary
- 3. Section 10.1: ASA Security Device Manager Upon completion of this section, you should be able to:
- 4. Topic 10.1.1: Introduction to ASDM
- 5. Overview of ASDM
- 6. Preparing for ASDM Verify Connectivity to the ASA Preparing the ASA 5505
- 7. Starting ASDM ASDM Security Certificate ASDM Launch Window
- 8. Starting ASDM (Cont.) ASDM Security Warning - 2 ASDM Security Warning - 1
- 9. Starting ASDM (Cont.) Smart Call Home Window Authenticate to Use ASDM
- 10. ASDM Home Page Dashboards ASDM Device Dashboard Page
- 11. ASDM Home Page Dashboards (Cont.) ASDM Firewall Dashboard Page
- 12. ASDM Page Elements
- 13. ASDM Configuration and Monitoring Views Configuration View
- 14. ASDM Configuration and Monitoring Views (Cont.) Monitoring View
- 15. Configure and Access on an ASA5505
- 16. Topic 10.1.2: ASDM Wizard Menu
- 17. ASDM Wizards
- 18. The Startup Wizard Startup Wizard Starting Point Window Startup Wizard Basic Configuration Window
- 19. The Startup Wizard (Cont.) Startup Wizard Interface Selection Window Startup Wizard Switch Port Allocation Window
- 20. The Startup Wizard (Cont.) Startup Wizard Interface IP Address Configuration Window Startup Wizard DHCP Server Window
- 21. The Startup Wizard (Cont.) Startup Wizard Address Translation (NAT/PAT) Window Startup Wizard Administrative Access Window
- 22. The Startup Wizard (Cont.) Startup Wizard Summary Window
- 23. Different Types of VPN Wizards ASDM VPN Wizards ASDM Remote Access VPN Assistant
- 24. Other Wizards
- 25. Topic 10.1.3: Configuring Management Settings and Services
- 26. Configuring Settings in ASDM Configuration Device Setup Tab
- 27. Configuring Settings in ASDM (Cont.) Configuration Device Management Tab
- 28. Configuring Basic Settings in ASDM Configuring Hostname, Domain Name, and Enable Password Configuring a Master Passphrase
- 29. Configuring Basic Settings in ASDM (Cont.) Configuring Legal Notification
- 30. Configuring Interfaces in ASDM Configuring Interfaces
- 31. Configuring Interfaces in ASDM (Cont.) Adding an Outside Interface Change Switch Port Window
- 32. Configuring Interfaces in ASDM (Cont.) Adding an Outside Interface
- 33. Configuring Interfaces in ASDM (Cont.) Advanced Outside Interface Settings Updated Interface Page
- 34. Configuring Interfaces in ASDM (Cont.) Verifying Interfaces
- 35. Configuring Interfaces in ASDM (Cont.) Enable Switch Ports Apply Configuration
- 36. Configuring the System Time in ASDM Manually Change the System Time Use NTP to Change the
- 37. Configuring the System Time in ASDM (Cont.) Add an NTP Server Configure an NTP Server
- 38. Configuring the System Time in ASDM (Cont.) Apply the Configuration
- 39. Configuring Routing in ASDM Configuring Routing Configuring a Default Static Route
- 40. Configuring Routing in ASDM (Cont.) Add Static Route Details Add or Edit Route Window
- 41. Configuring Routing in ASDM (Cont.) Apply the Configuration
- 42. Configuring Device Management Access in ASDM Configure ASDM/HTTPS/Telnet/SSH Access
- 43. Configuring Device Management Access in ASDM (Cont.) Add Device Access Configuration Window Configure SSH Settings
- 44. Configuring DHCP Services in ASDM DHCP Server Page
- 45. Configuring DHCP Services in ASDM (Cont.) Edit DHCP Server Window
- 46. Configuring DHCP Services in ASDM (Cont.) Configuring DHCP Server Services
- 47. Configuring DHCP Services in ASDM (Cont.) Verifying DHCP Server Services
- 48. Topic 10.1.4: Configuring Advanced ASDM Features
- 49. Objects in ASDM Network Objects/Groups Page
- 50. Objects in ASDM (Cont.) Adding a Network Object/Group Add Network Object Window
- 51. Objects in ASDM (Cont.) Add Network Object Group Window
- 52. Objects in ASDM (Cont.) Service Objects/Group Page
- 53. Objects in ASDM (Cont.) Adding a Service Object/Group Add Service Object Window
- 54. Objects in ASDM (Cont.) Add Service Object Group Window
- 55. Configuring ACLs Using ASDM ACLs in ASDM
- 56. Configuring ACLs Using ASDM (Cont.) Diagramming Access Rules Add Access Rule Window
- 57. Configuring Dynamic NAT in ASDM Add Network Object Window Creating a Network Object for Public Addresses
- 58. Configuring Dynamic NAT in ASDM (Cont.) Creating a Network Object for Dynamic NAT
- 59. Configuring Dynamic PAT in ASDM
- 60. Configuring Static NAT in ASDM Static NAT in ASDM Advanced Static NAT Settings in ASDM
- 61. Configuring AAA Authentication User Accounts Page
- 62. Configuring AAA Authentication (Cont.) Add User Account Window
- 63. Configuring AAA Authentication (Cont.) AAA Server Groups Page
- 64. Configuring AAA Authentication (Cont.) Add AAA Server Group Window Add AAA Server Window
- 65. Configuring AAA Authentication (Cont.) Completed AAA Server Groups Window
- 66. Configuring AAA Authentication (Cont.) AAA Access Page
- 67. Configuring AAA Authentication (Cont.) AAA Access > Authentication Window
- 68. Configuring a Service Policy Using ASDM Service Policy in ASDM
- 69. Configuring a Service Policy Using ASDM (Cont.) Configure a Service Policy
- 70. Configuring a Service Policy Using ASDM (Cont.) Configure Traffic Classification Criteria
- 71. Configuring a Service Policy Using ASDM (Cont.) Configure Actions
- 72. Section 10.2: ASA VPN Configuration Upon completion of this section, you should be able to: Explain
- 73. Topic 10.2.1: Site-to-Site VPNs
- 74. ASA Support for Site-to-Site VPNs
- 75. ASA Site-to-Site VPNs Using ASDM
- 76. Configuring the ISR Site-to-Site VPNs Using the CLI Basic ISR Configuration Configure the ISAKMP Policy
- 77. Configuring the ISR Site-to-Site VPNs Using the CLI (Cont.) Configure the IPsec and VPN ACL Configure
- 78. Configuring the ASA Site-to-Site VPNs Using ASDM Basic ISR Configuration
- 79. Configuring the ASA Site-to-Site VPNs Using ASDM (Cont.) Introduction Window Peer Device Identification Window
- 80. Configuring the ASA Site-to-Site VPNs Using ASDM (Cont.) Traffic to Protect Window Security Window
- 81. Configuring the ASA Site-to-Site VPNs Using ASDM (Cont.) NAT Exempt Window Summary Window
- 82. Verifying Site-to-Site VPNs Using ASDM
- 83. Test the Site-to-Site VPNs Using ASDM Establish the VPN Tunnel Connection to the Remote Network
- 84. Test the Site-to-Site VPNs Using ASDM (Cont.) Monitoring the VPN Tunnel
- 85. Test the Site-to-Site VPNs Using ASDM (Cont.) Verify VPN Tunnel Connectivity from the External Host
- 86. Topic 10.2.2: Remote-Access VPNs
- 87. Remote-Access VPN Options
- 88. IPsec Versus SSL
- 89. IPsec Versus SSL (Cont.) Comparing IPsec and SSL
- 90. ASA SSL VPNs Remote Access VPN Wizards
- 91. ASA SSL VPNs (Cont.) Cisco ASA SSL Remote Access VPN Solutions
- 92. Clientless SSL VPN Solution Cisco ASA Clientless SSL VPN Deployment
- 93. Clientless SSL VPN Solution (Cont.) Clientless Login Web page Web Portal Home Page
- 94. Client-Based SSL VPN Solution
- 95. Cisco AnyConnect Secure Mobility Client AnyConnect Authenticate Window AnyConnect Connection Window
- 96. Cisco AnyConnect Secure Mobility Client (Cont.) AnyConnect Statistics Window AnyConnect Authenticated Window
- 97. AnyConnect for Mobile Devices Cisco AnyConnect Secure Mobility Client is available on the following platforms: iOS
- 98. Topic 10.2.3: Configuring Clientless SSL VPN
- 99. Configuring Clientless SSL VPN on an ASA ASDM Assistant Clientless VPN Wizard
- 100. Sample Clientless VPN Topology
- 101. Clientless SSL VPN SSL VPN Interface Window Clientless SSL VPN Introduction Window
- 102. Clientless SSL VPN (Cont.) Group Policy Window User Authentication Window
- 103. Clientless SSL VPN (Cont.) Configure GUI Customization Objects Window Bookmark List Window
- 104. Clientless SSL VPN (Cont.) Select Bookmark Type Window Add Bookmark List Window
- 105. Clientless SSL VPN (Cont.) Revised Add Bookmark List Window Add Bookmark Window
- 106. Clientless SSL VPN (Cont.) Revised Bookmark List Window Revised Configure GUI Customization Objects Window
- 107. Clientless SSL VPN (Cont.) Summary Window
- 108. Verifying Clientless SSL VPN
- 109. Testing the Clientless SSL VPN Connection Logon Window Security Certificate Window
- 110. Testing the Clientless SSL VPN Connection (Cont.) Web Portal Web Access Page Web Portal Home Page
- 111. Testing the Clientless SSL VPN Connection (Cont.) Log Out of the Web Portal Web Portal File
- 112. Viewing the Generated CLI Config
- 113. Topic 10.2.4: Configuring AnyConnect SSL VPN
- 114. Configuring SSL VPN AnyConnect Client-Based VPN Wizard ASDM Assistant
- 115. Sample SSL VPN Topology
- 116. AnyConnect SSL VPN Connection Profile Identification Window AnyConnect VPN Wizard Introduction Window
- 117. AnyConnect SSL VPN (Cont.) VPN Protocols Window
- 118. AnyConnect SSL VPN (Cont.) Add AnyConnect Client Image Window Client Images Window
- 119. AnyConnect SSL VPN (Cont.) Add AnyConnect Client Image Window Browse Flash Window
- 120. AnyConnect SSL VPN (Cont.) Completed Client Images Window
- 121. AnyConnect SSL VPN (Cont.) Authentication Methods Window
- 122. AnyConnect SSL VPN (Cont.) Add IPv4 Window Client Address Management Window
- 123. AnyConnect SSL VPN (Cont.) Network Name Resolution Servers Window Completed Client Address Management Window
- 124. AnyConnect SSL VPN (Cont.) Completed Network Name Resolution Servers Window
- 125. AnyConnect SSL VPN (Cont.) Completed NAT Exempt Window NAT Exempt Window
- 126. AnyConnect SSL VPN (Cont.) Summary Window AnyConnect Client Deployment
- 127. Verifying AnyConnect Connection AnyConnect Connection Profiles Page
- 128. Verifying AnyConnect Connection (Cont.) Verifying the Client-Based Configuration
- 129. Install the AnyConnect Client Logon Window Security Certificate Window
- 130. Install the AnyConnect Client (Cont.) Manual Installation Window Cisco AnyConnect VPN Client Window
- 131. Install the AnyConnect Client (Cont.) Run Installer Window
- 132. Install the AnyConnect Client (Cont.) Cisco AnyConnect VPN Client Setup Window
- 133. Install the AnyConnect Client (Cont.) End-User Agreement Window User Account Control Security Window
- 134. Install the AnyConnect Client (Cont.) Ready to Install AnyConnect Client Installing the AnyConnect Client
- 135. Install the AnyConnect Client (Cont.) Complete Cisco AnyConnect VPN Installation
- 136. Install the AnyConnect Client (Cont.) Start the Cisco AnyConnect VPN Cisco Cisco AnyConnect VPN Client Window
- 137. Install the AnyConnect Client (Cont.) Cisco AnyConnect VPN Connect Window Certificate Security Warning Window
- 138. Install the AnyConnect Client (Cont.) Cisco AnyConnect VPN Authentication Window Cisco AnyConnect VPN Icon in System
- 139. Install the AnyConnect Client (Cont.) Cisco AnyConnect VPN Client Status Verifying Connectivity to Internal Network
- 140. Viewing the Generated CLI Config AnyConnect SSL VPN Configuration settings: NAT WebVPN Group policy Tunnel group
- 141. Section 10.3: Summary Chapter Objectives: Implement an ASA firewall configuration. Configure remote-access VPNs on an ASA.
- 144. Скачать презентацию