Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA Practice Lab Material or Books

Hello All,

I'm in the process of learning how to configure Cisco ASA. I've got the ASA simulated on GNS3.

Can some tell me where I can find books or material that has actual labs included in the book.

The books I have found seem to be handbook type of material. I need something that steps through a lab.

Cheers

Carlton

Everyone's tags (6)
15 REPLIES

Cisco ASA Practice Lab Material or Books

Hello Carlton,

You can always use the certifications books from Cisco, one each chapter they explain a feature and you can see a lab recreation ( configuration part) so you can implemented by yourself following the book and understanding the logic,

That is my opinion and what I have used so far.

Regards,

Julio

Cisco Security Engineer

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

Hi Julio, thanks for responding.

I have found a site with many ASA lab samples. The problem is I don't know how to test the lab... Attached is one of the labs I'm about to build. Can someone describe how I can test the lab?

Cheers

Carlton

Re: Cisco ASA Practice Lab Material or Books

Hello Carlton,

You can use a VMware machine as the internal host or another router, then configure the ASA as properly and just try to give to that host connectivity to a host on the outside interface of the ASA ( via ICMP,etc).

This lab is real simple to build on GNS. ( You can do it with 2 routers and one ASA, Just make the inside router able to ping the Outside router)

Regards

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

Julio, thanks again for responding.

I have already built this on GNS. My problem is I don't know how to actually test it - how to determine if its working?

Re: Cisco ASA Practice Lab Material or Books

Hello Carlton,

You would need to be able to ping from the inside router to the external router (or SSH or telnet)

Do you follow me?

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

Julio,

I don't understand

New Member

Re: Cisco ASA Practice Lab Material or Books

Julio,

I don't think a simple ping will fully test this lab ....

Re: Cisco ASA Practice Lab Material or Books

Hello Carlton,

I checked the document again to see if I got wrong but nop I am right.

The whole purpose of the lab setup you have there is to be able to configure Dynamic Nat for the internal network when they go to the outside world using a 8.3 or higher version.

A Ping will fully showed you if its working or not. Now if you want to do it with another service.. Just use a packet-tracer and the result should be allowed and of course you will need to check a the NAT stage.

Edit: I sent you a private message, please check it

Regards,

Julio

Security Engineer

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

Julio,

I have replied.....

Re: Cisco ASA Practice Lab Material or Books

Hello,

Good but do you understand the purpose of the Lab now?

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

Julio,

I will build the lab, however I still don't see how a simple ping will fully test this scenario...

What is the point with all the following commands on the ASA

object network OBJ_GENERIC_ALL 
 subnet 0.0.0.0 0.0.0.0

nat (inside,outside) source dynamic OBJ_GENERIC_ALL interface

route outside 0.0.0.0 0.0.0.0 10.165.200.225
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:...

New Member

Re: Cisco ASA Practice Lab Material or Books

Julio,

I guess I still don't understand the purpose of the lab.....

Re: Cisco ASA Practice Lab Material or Books

Hello Carlton,

The purpose of the lab is do NAT on 8.3 version ( because as you will need to know from 8.2 to 8.3 or higher versions this changes a lot).

So as on the PDF is marked as important that is what you need to focus on ( NAT), that's it bro!!

The other stuff in that configuration is there by default.

So what you will need to do in this lab:

1-Interface configuration

2-Nat configuration

3-Routing configuration

Now to make it more interesting after you configure all that, try to ping from the inside host to the outside host

Let me know the result of the lab as soon as you have it!

Regards,

Do rate all the helpful post

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Re: Cisco ASA Practice Lab Material or Books

I'll be sure to let you know..

Cheers mate.

New Member

Dear Sir, Would you mind

Dear Sir, 

Would you mind sharing some of your PDF Labs, I'd like to practice them heavily. Thanks

ramkrista@gmail.com

Cheers!

-Ram

7306
Views
5
Helpful
15
Replies
CreatePlease to create content