Tuesday, 25 June 2024

BGP config on cisco ASA

 

interface GigabitEthernet0/5

 description *** Connection to BGP ***

 nameif BGP

 security-level 50

 ip address 10.1.252.1 255.255.255.252


router bgp 65534

 bgp log-neighbor-changes

 address-family ipv4 unicast

  neighbor 10.1.252.2 remote-as 65533

  neighbor 10.1.252.2 transport path-mtu-discovery

  neighbor 10.1.252.2 activate

  network 10.1.0.0

  redistribute static metric 4294967295 route-map RM_ROUTES_TO_REDIST

  default-information originate

  no auto-summary

  no synchronization

 exit-address-family

Posted by at No comments:
Labels: ,

Nessus expert attack surface discovery

It wasn't working

Need FW access with no SSL decrypt to these sites:

https://community.tenable.com/s/article/Which-Tenable-sites-should-I-whitelist?language=en_US

Posted by at No comments:

Tuesday, 11 June 2024

make palo alto passive become active firewall

CLI

 request high-availability state peer suspend

Posted by at No comments:
Labels:

Thursday, 6 June 2024

Switched FTD to ASA code but strong encryption license disabled/missing (3DES-AES)

 Self-service steps to obtain  3DES (-K9) license in LRP

1- Log in License Registration Portal (https://tools.cisco.com/SWIFT/LicensingUI/Quickstart) using your Cisco.com ID.

2- Select “Show: All Licenses for (your name)”.

3- Select the “Get Licenses” menu, then “IPS, Crypto, Other”.

4- Select “Security Products” under “Product Family”.

5- Select the required 3DES/AES license type and hit “Next”.

6- Enter the “show ver” Serial Number of the ASA the license will be registered to and hit “Next”.

7- Follow screen prompts to complete the transaction.


Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)