This update is where I have managed to get all the pieces together to form a complete Infrastructure as Code pipeline for the self-service firewall rules on the Cisco ASA. The Go firewall project incorporates the ASA API Terraform project and a GitLab pipeline. The flow of the application in the current prototype is as […]
Go Firewall Rule Self-Service – v0.04 Milestone Read More »
This current version will use the Go web application to create a Cisco ASA firewall rule on the OUTSIDE interface to permit traffic to my DMZ server on port 8000. The firewall rule on the ASA will be created without any Cisco ASA CLI commands used. Currently, it is a manual process to have any
Go Firewall Rule Self-Service – v0.03 Read More »
This post will be an overview of the project progress for Firewall Rule Self-Service portal that I am creating with Go.The code can be found as release v0.02 in my GitHub The project is to allow non-technical users to create a firewall rule in Terraform. Currently, the project has a single main page, which is
Go Firewall Rule Self-Service – v0.02 Read More »
As part of the ASA API Terraform Project, in this post I will be demonstrating the creation of ACLs using objects, object groups and standard IP addressing. Lab I’m going to set up a simple ASA lab using the previous post from the project. Creating Objects with Terraform I have created a network object and
ASA Access Lists with Terraform Read More »
Creating GitLab Project I have started this off by creating a new in GitLab. As I have previously setup my SSH key for GitLab I will just clone the repo and I’ll be able to push changes that way. My lab is up and running GNS3, I just ensure that I can ping and SSH
ASA Terraform Setup Read More »
ASA Management Configuration I have created a lab for an ASA using a single ASA to begin with. It’s a basic walkthrough to setup the ASA and the API. Download and Transfer API Installer to ASA The ASA API can be found here. I am running ASA 9.9, and I have used the file asa-restapi-7161-lfbff-k8.SPA.
Cisco ASA API Setup Read More »
Quick how to for FQDN ACL on ASA.These are not recommended, but still possible. Create Objects Create ACL Need DNS servers Test
Generic AnyConnect SSL Configuration Duo Create Account Create new application Create test user Create AAA to go to Duo. This information is found in the Duo portal under Application. Update tunnel-group to use Duo Ping the API Hostname Additional DUO Things Default AnyConnect Profile Duo Files Create Profile Apply Profile Testing Using LDAP as primary
Cisco AnyConnect 9+ Duo Read More »