cisco asav configuration lab
TRANSCRIPT
![Page 1: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/1.jpg)
Cisco ASAv Configuration Lab (in progress)VMware and Linux basedCLI configuration only
![Page 2: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/2.jpg)
Network topology created on GNS3
VMware topology diagram
![Page 3: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/3.jpg)
Lab requirements
● Must be CLI configuration only● Create network topology in VMware● Configure services (DHCP, NAT and Identity NAT)● Configure object (network, services and groups) and ACLs● Layer 5-7 advanced inspection ● Configure site-to-site IPSec VPN● Enable SNMP and NetFlow● Use free Linux NMS based on Nagios OMD - Open Monitoring Distribution
![Page 4: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/4.jpg)
DHCP Server configuration
![Page 5: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/5.jpg)
Dynamic NAT/PAT configuration
![Page 6: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/6.jpg)
Dynamic NAT/PAT configuration
![Page 7: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/7.jpg)
Dynamic NAT/PAT configuration
![Page 8: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/8.jpg)
Dynamic NAT/PAT configuration
![Page 9: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/9.jpg)
Object Groups and ACLs configuration/verification
![Page 10: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/10.jpg)
Object Groups and ACLs configuration/verification
![Page 11: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/11.jpg)
Object Groups and ACLs configuration/verification
![Page 12: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/12.jpg)
Object Groups and ACLs configuration/verification
![Page 13: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/13.jpg)
Object Groups and ACLs configuration/verification
![Page 14: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/14.jpg)
Layer 7 advanced inspection configuration/verification
![Page 15: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/15.jpg)
Layer 7 advanced inspection configuration/verification
![Page 16: Cisco ASAv Configuration Lab](https://reader030.vdocument.in/reader030/viewer/2022021500/58f1e0231a28ab47598b4589/html5/thumbnails/16.jpg)
London-FW1(config)# flow-export destination MANAGEMENT 192.168.1.156 2055
London-FW1(config)# flow-export template timeout-rate 1
London-FW1(config)# flow-export delay flow-create 60
London-FW1(config)# logging flow-export-syslogs disable
London-FW1(config)# access-list IPANY extended permit ip any any
London-FW1(config)# class-map NETCLASS
London-FW1(config-cmap)# match access-list IPANY
London-FW1(config)# policy-map NETPOLICY
London-FW1(config-pmap)# class NETCLASS
London-FW1(config-pmap-c)# flow-export event-type all destination 192.168.1.156
London-FW1(config)# service-policy NETPOLICY global