Cisco ASA: Difference between revisions

From Dave-Wiki
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
=Summary=
Cisco ASA (Adaptive Security Appliance) is a robust, multifunctional security device designed by Cisco Systems to provide advanced firewall capabilities and other network security features. It is widely used in enterprise and service provider networks to protect against cyber threats, manage traffic, and ensure secure connectivity.
=HA/Redundancy=
=HA/Redundancy=


Line 28: Line 32:
===Debug Specific Peer===
===Debug Specific Peer===


<code># debug crypto condition peer 1.1.1.1</code>
# debug crypto condition peer 1.1.1.1


<code># debug crypto ikev2 protocol 127</code>
# debug crypto ikev2 protocol 127


===Stop All Debugs===
===Stop All Debugs===


<code># undebug all</code>
# undebug all

Latest revision as of 22:20, 21 January 2025

Summary

Cisco ASA (Adaptive Security Appliance) is a robust, multifunctional security device designed by Cisco Systems to provide advanced firewall capabilities and other network security features. It is widely used in enterprise and service provider networks to protect against cyber threats, manage traffic, and ensure secure connectivity.

HA/Redundancy

Manual Failover

Manually failover a group to the peer firewall: 

admin# changeto system
show failover
failover active group 2

Move Context

Move context from group 2 to group 1:

Note: All groups must be on same firewall before you can move a context to another group. 

admin# changeto system
# failover active group 2
# conf t
(config)# context fw02
(config-ctx)# join-failover-group 1
(config-ctx)# end
# wr mem
# no failover active group 2

VPN

Debug

Debug Specific Peer

# debug crypto condition peer 1.1.1.1

# debug crypto ikev2 protocol 127

Stop All Debugs

# undebug all
Retrieved from "https://davehome.net/wiki/index.php?title=Cisco_ASA&oldid=448"