Browsing All Posts filed under »ASA«

perl script to query cisco asa

September 17, 2013

0

I wanted to issue show command on multiple firewalls without any expensive software. I have found a script here https://docs.google.com/document/d/1Q0TfyezOTCKZ7DF2kPBps_7LG80D3BJLrFDuOwBUZNI/edit?pli=1 This script is good and can be used as a base. I have changed it a bit. See the pic. I should not hide the codes in pic ;-) . It is here in the […]

Firewall topology within a second – V2.0

September 16, 2013

5

There are time consuming jobs like creating a topology about the network of big companies, if they have an issue or some problem or it should be just dokumented as our ISO27001 Standard expects and it must be always up-to-date… I created a script that uses perl to build from the cisco asa firewall running […]

Analysing Cisco ASA connection table

September 16, 2013

10

The “show connection all” command shows the actual session table of a Cisco ASA firewall. If the output is not more million entry you can create a top list from it with a perl script I made. (Actually you can work with an output of more million entry as well, but it may require more […]

The nine

February 15, 2013

1

Normally I do not write about new releases from security product manufacturers, but this Cisco ASA version resolves some disadvantages against Checkpoint. IT IS And I would be glad to test those since I am a Cisco fun :-) The HW models are all supported, the question is if the features make it too: … […]

Migrate Cisco ASA configuration, certificates and private keys

November 4, 2012

0

The fact I wrote this post is to clear what happens with the RSA keys if I move the whole configuration and certificates and their private keys to another firewall with the same IP Address. IF the IP has changed the migration ofthe certificate has not much sense if the certificate is based on IP. […]

Certficate renewal – how was it after years?

April 18, 2012

0

Actually you cannot renew an existing certificate, but you can generate a new one with the same subject and same mandatory fields. For that you have to generate a certificate request again within a new trustpoint and not with the old one. The issuer of the previous certificate should sign the new certificate request and […]

Export and import the trustpoint

March 16, 2012

0

To test something in a Lab with another firewall or migrate a whole VPN with certificate to another ASA firewall we have a possibility to migrate the certificate of the firewall to another one. To do it so easily on a Checkpoint firewall  will be always just a dream… The exported data holds the followings: […]