Cisco ASA

From Dave-Wiki
Revision as of 22:20, 21 January 2025 by Dave (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Summary

Cisco ASA (Adaptive Security Appliance) is a robust, multifunctional security device designed by Cisco Systems to provide advanced firewall capabilities and other network security features. It is widely used in enterprise and service provider networks to protect against cyber threats, manage traffic, and ensure secure connectivity.

HA/Redundancy

Manual Failover

Manually failover a group to the peer firewall: 

admin# changeto system
show failover
failover active group 2

Move Context

Move context from group 2 to group 1:

Note: All groups must be on same firewall before you can move a context to another group. 

admin# changeto system
# failover active group 2
# conf t
(config)# context fw02
(config-ctx)# join-failover-group 1
(config-ctx)# end
# wr mem
# no failover active group 2

VPN

Debug

Debug Specific Peer

# debug crypto condition peer 1.1.1.1

# debug crypto ikev2 protocol 127

Stop All Debugs

# undebug all
Retrieved from "https://davehome.net/wiki/index.php?title=Cisco_ASA&oldid=448"