How does the HTTP protocol work?

HTTP functions as a request–response protocol in the client–server computing model. A web browser, for example, may be the client and an application running on a computer hosting a web site may be the server. The client submits an HTTP request message to the server. The server, which provides resources such as HTML files and [...]

How to set up internet access through the Cisco ASA firewall?

Basic guidelines for setting up Internet access through the Cisco ASA firewall: first we need to configure the interfaces on the firewall.

!--- Configure the outside interface.
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address
!--- Configure the inside interface.
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address

The nameif command gives [...]

What are the NAT syntax changes in the Cisco ASA firewall?

There are major NAT syntax changes after ASA firewall software version 8.3.

Regular static NAT:
Pre-8.3:
 static (inside,outside) net mask
Version 8.3 and later:
 object network obj-
  host
  nat (inside,outside) static

Regular static PAT:
Pre-8.3:
 static (inside,outside) tcp 80 [...]

What is ICMP?

ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by hosts and gateways to send notification of datagram problems back to the sender. It uses the echo test / reply to test whether a destination is reachable and responding. It also handles both control and error messages.

What is the difference between DoS and DDoS attacks?

In a Denial of Service (DoS) attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources (e.g., RAM and CPU). On the other hand, Distributed Denial of Service (DDoS) attacks are launched from multiple connected devices that [...]

BIG-IP F5 LTM Load balancing methods

BIG-IP LTM provides a variety of load balancing methods to choose from. There are two types of load balancing methods: static load balancing mode and dynamic load balancing mode.

1. Static load balancing mode: there are two static load balancing modes.
   1. Round robin
   2. Ratio
2. Dynamic load balancing mode:
   1. Least connections
   2. Fastest
   3. Observed
   4. Predictive
   5. Dynamic [...]


A • AAL: ATM Adaptation Layer • ABM: Asynchronous Balanced Mode • ABR: Available Bit Rate • AC: Access Control • ACK: Acknowledgment • ADSL: Asymmetric Digital Subscriber Line • ANI: Automatic Number Identification • ANSI: American National Standards Institute • API: Application Programming Interface • ARM: Asynchronous Response Mode • ARP: Address Resolution Protocol [...]

BGP Quick notes

A transit AS is an AS that routes traffic from one external AS to another external AS.
The "show ip bgp" command is used to display entries in the BGP routing table.
The AS-PATH attribute is used to prevent BGP routing loops. When receiving a BGP advertisement, the router checks the AS-PATH attribute, [...]

Passive interface (RIP,OSPF,EIGRP)

The passive-interface command is used in all routing protocols to disable sending updates out of a specific interface. However, the command's behavior varies from one protocol to another. RIP: In RIP this command will disable sending multicast updates via a specific interface but will allow listening to incoming updates from other RIP-enabled neighbors. This simply means [...]

Quick notes for EIGRP

EIGRP is a Cisco proprietary protocol which means it will work only on Cisco routers. EIGRP is also called advanced distance vector or Hybrid routing protocol. Multicast or unicast is used for exchange of information. Multiple network layer protocols are supported. 100% loop-free. By default, EIGRP will limit itself to use no more than 50% of [...]

Memorising the BGP decision making process

1. Weight (Bigger is better)
2. Local preference (Bigger is better)
3. Self originated (Locally injected is better than iBGP/eBGP learned)
4. AS-Path (Smaller is better)
5. Origin
6. MED (Smaller is better)
7. External (Prefer eBGP over iBGP)
8. IGP cost (Smaller is better)
9. EBGP Peering (Older is better)
10. Router-ID

What is a multi-VLAN port?

The multi-VLAN port is a feature which allows a switch to configure a single port for two or more VLANs. This feature allows users from different VLANs to access a server or router without implementing inter-VLAN routing capability. A multi-VLAN port performs normal switching functions in all its assigned VLANs. Multi-VLAN port will not work when [...]

Cisco ASA troubleshooting commands

AAA
 debug radius
 debug tacacs
 show aaa-server protocol PROTOCOL_NAME
 test aaa-server

Access Control Lists
 show access-list
 show run | include ACCESS_LIST_NAME
 show run object-group
 show run time-range

Application Inspection
 show conn state STATE_TYPE detail
 show service-policy

Configuring Interfaces
 show firewall
 show int
 show int ip brief
 show ip
 show mode
 show nameif
 show run interface [...]

What is the use of default route?

In computer networking, the default route is a setting on a computer that defines the packet forwarding rule to use when no specific route can be determined for a given Internet Protocol (IP) destination address. All packets for destinations not established in the routing table are sent via the default route. The default route generally [...]


Simple Network Management Protocol (SNMP) is an application-layer protocol defined by the Internet Architecture Board (IAB) in RFC 1157 for exchanging management information between network devices. It is a part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP is one of the widely accepted protocols to manage and monitor network elements. Most of the professional-grade [...]

How does ARP work?

ARP stands for Address Resolution Protocol. When you try to ping an IP address on your local network, say, your system has to turn the IP address into a MAC address. This involves using ARP to resolve the address, hence its name. Systems keep an ARP look-up table where they store information about [...]

How does a load balancer work?

A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications. They improve the overall performance of applications by decreasing the burden on servers associated with managing and maintaining application and [...]

TCP- Three way handshake

The Three-way handshake begins with the initiator sending a TCP segment with the SYN control bit flag set. TCP allows one side to establish a connection. The other side may either accept the connection or refuse it. If we consider this from application layer point of view, the side that is establishing the connection is [...]


The SPAN feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe device or other Remote Monitoring (RMON) probe.  

How to configure Site-to-Site VPN on Cisco ASA?

Access-Lists

Add the ACLs which we will need for NAT, the encryption domain and the group policy.

 access-list Example_Policy_ACL extended permit tcp object-group Local_LAN object-group Remote_LAN eq 80
 access-list Example_Policy_ACL extended deny ip any any
 access-list Example_VPN_ACL permit ip object-group Local_LAN object-group Remote_LAN

Group Policy

Create your group policy which will restrict traffic between hosts [...]

How does a packet flow in a Palo Alto firewall?

Basic:
Initial Packet Processing --> Security Pre-Policy --> Application --> Security Policy --> Post Policy Processing

Advanced:
Initial Packet Processing --> Source Zone/Source Address --> Forward Lookup --> Destination Zone/Destination Address --> NAT policy evaluated
Security Pre-Policy --> Check Allowed Ports --> Session Created
Application --> Check for Encrypted Traffic --> Decryption Policy --> Application Override Policy --> Application ID [...]

How does a packet flow in a Checkpoint firewall?

Checkpoint processes the packet on ingress and egress using two chains.

Basic:
- Physical layer - ingress interface
- Data Link Layer/Ethernet
- Inspect Driver [inspect Engine]
- Network Layer/IP Routing
- Inspect Driver
- Data Link Layer/Ethernet
- Physical layer - egress interface

Advanced:
1. NIC hardware - The network card receives electrical signalling from the link partner.
2. NIC [...]

How to configure QoS on Cisco ASA firewall

There are three steps for configuring QoS on the Cisco ASA firewall.

1. Identify the traffic or define the traffic classes. To identify the traffic, first create a new access-list to match the traffic. Once the access-list is created, call it in the class-map.

 ciscoasa(config)#access-list qos extended permit tcp any any eq 25
 ciscoasa(config)#class-map qos
 ciscoasa(config-cmap)#match access-list [...]

Cisco ASA firewall common troubleshooting commands part 1

Check the system status

myfirewall/pri/act# show firewall
Firewall mode: Router

myfirewall/pri/act# show version
Cisco Adaptive Security Appliance Software Version 9.1(1)
Device Manager Version 7.1(1)52
Compiled on Wed 28-Nov-12 10:38 by builders
System image file is "disk0:/asa911-k8.bin"
Config file at boot was "startup-config"
myfirewall up 218 days 1 hour
failover cluster up 5 years 10 days [...]