Introduction to firewalls
A firewall is a barrier between the LAN and the WAN (trusted
and untrusted networks). We place the firewall in the forwarding path of the
network so that each packet has to be checked by it.
There are two kinds of firewalls. One is the software firewall,
such as the one preinstalled with Microsoft Windows. The second is the hardware firewall,
which is the one we are going to look at.
In the above diagram, we have a LAN with two host PCs and a Cisco switch. On the other side, you
can see a router that is connected to the ISP for an internet connection. We place
our firewall in between to protect our LAN.
Stateless and stateful filtering
You can use a router as a firewall, but it's not a good choice because most routers
do not spend much time on filtering. The router checks the access list for the port
number and the source and destination IP address; if the packet matches an entry in
the access list, the router permits or denies it. The router does not keep track of
the packet; this is called stateless filtering. A firewall uses stateful filtering:
it keeps track of all incoming and outgoing connections.
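The difference described above, as an added example that is not part of the original post: a simplified Python model in which a router's access list and a firewall's connection table judge the same three packets. The addresses, ports and the sample access-list rule are constructed for illustration; a real stateful firewall also tracks protocol state and timeouts.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True when the packet arrives from the untrusted (WAN) side

def stateless_permit(pkt):
    """Constructed sample access list: each packet is judged on its own headers.
    To let web replies back in, it has to permit any inbound source port 443."""
    if not pkt.inbound:
        return True              # LAN -> WAN is allowed
    return pkt.sport == 443      # WAN -> LAN: header match only, no memory

class StatefulFirewall:
    def __init__(self):
        self.connections = set()  # flows opened from the trusted side

    def permit(self, pkt):
        if not pkt.inbound:
            # Outbound packet: record the flow so its replies can be matched.
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound packet: allowed only as the reverse of a recorded flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

def run_demo():
    fw = StatefulFirewall()
    packets = [
        ("request", Packet("10.1.1.10", 50000, "203.0.113.5", 443, False)),
        ("reply", Packet("203.0.113.5", 443, "10.1.1.10", 50000, True)),
        # Never requested by any LAN host, but its source port is 443.
        ("unsolicited", Packet("198.51.100.9", 443, "10.1.1.11", 8080, True)),
    ]
    # Map each packet name to (stateless verdict, stateful verdict).
    return {name: (stateless_permit(p), fw.permit(p)) for name, p in packets}

if __name__ == "__main__":
    for name, (stateless, stateful) in run_demo().items():
        print(f"{name:12} stateless={stateless} stateful={stateful}")
```

Both filters pass the request and its reply; only the stateful one drops the unsolicited packet, because no inside host opened that flow.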
ASA (Adaptive Security Appliance) is a Cisco security device that combines the
classic firewall with VPN, IPS (Intrusion Prevention System), and antivirus
capabilities. The ASA is capable of providing threat defense before most
attacks spread into our LAN.
I think we have done enough talking; the rest of the theory we will see in the next section.
Let's see how to configure it:
Topology:
Goal:
- Configure the topology as per the diagram
- Assign an IP address to the ASA interface
- Configure nameif on the ASA interface
- Configure the security level on the interface
- Configure a hostname on the ASA firewall
- Configure password
ciscoasa>enable
Password:
ciscoasa#configure terminal
ciscoasa(config)#interface gigabitEthernet 1/1
ciscoasa(config-if)#ip address 10.1.1.2 255.0.0.0
ciscoasa(config-if)#no shutdown
ciscoasa(config-if)#nameif inside
ciscoasa(config-if)#security-level 100
ciscoasa(config-if)#exit
ciscoasa(config)#hostname ASA-Firewall
ASA-Firewall(config)#enable password internetworks
ASA-Firewall(config)#username Admin password internetworks
ASA-Firewall(config)#end