[opensource-wg] Teo En Ming's Notes on Basic Configuration of Cisco ASA 5516-X Firewall - Version 1
Subject: Teo En Ming's Notes on Basic Configuration of Cisco ASA 5516-X Firewall - Version 1 Good day from Singapore, Author: Mr. Turritopsis Dohrnii Teo En Ming Country: Singapore Date of Publication: 20 March 2024 Wednesday Document Version: 1 I have bought this refurbished/second hand/used Cisco ASA 5516-X firewall with FirePOWER Services for SGD$100 at Bukit Panjang Ring Road on 17 Mar 2024 Sunday at about 8.30 PM Singapore Time. On 19 March 2024 Tuesday, I have completed basic configuration of this firewall. Configuration Start: 19 March 2024 Tuesday, 9.22 PM Configuration End: 19 March 2024 Tuesday, 11.33 PM Below are my notes on configuring the Cisco ASA 5516-X firewall (basic). Part 1: Factory reset the Cisco ASA 5516-X firewall === Reference guide: Clearing, resetting or erasing configuration on Cisco ASA Link: https://www.linkedin.com/pulse/clearing-resetting-erasing-configuration-cisco-asa-darko-raki%C4%87?utm_source=share_medium=member_android_campaign=share_via cisco> en Password: * cisco# conf t cisco(config)# * NOTICE * Help to improve the ASA platform by enabling anonymous reporting, which allows Cisco to securely receive minimal error and health information from the device. To learn more about this feature, please visit: http://www.cisco.com/go/smartcall Would you like to enable anonymous error reporting to help improve the product? [Y]es, [N]o, [A]sk later: Y Enabling anonymous reporting. Adding "call-home reporting anonymous" to running configuration... Creating trustpoint "_SmartCallHome_ServerCA" and installing certificate... Trustpoint CA certificate accepted. Please remember to save your configuration. cisco(config)# configure factory-default Based on the inside IP address and mask, the DHCP address pool size is reduced to 250 from the platform limit 256 WARNING: The boot system configuration will be cleared. The first image found in disk0:/ will be used to boot the system on the next reload. Verify there is a valid image on disk0:/ or the system will not boot. Begin to apply factory-default configuration: Clear all configuration Executing command: ! Executing command: interface Management1/1 Executing command: management-only Executing command: no nameif Executing command: no security-level Executing command: no ip address Executing command: no shutdown Executing command: exit Executing command: ! Executing command: interface GigabitEthernet1/1 Executing command: nameif outside INFO: Security level for "outside" set to 0 by default. Executing command: security-level 0 Executing command: ip address dhcp setroute Executing command: no shutdown Executing command: exit Executing command: ! Executing command: interface GigabitEthernet1/2 Executing command: nameif inside INFO: Security level for "inside" set to 100 by default. Executing command: security-level 100 Executing command: ip address 192.168.1.1 255.255.255.0 Executing command: no shutdown Executing command: exit Executing command: ! Executing command: object network obj_any Executing command: subnet 0.0.0.0 0.0.0.0 Executing command: nat (any,outside) dynamic interface Executing command: exit Executing command: ! Executing command: http server enable Executing command: http 192.168.1.0 255.255.255.0 inside Executing command: ! Executing command: dhcpd auto_config outside Executing command: dhcpd address 192.168.1.5-192.168.1.254 inside Executing command: dhcpd enable inside Executing command: ! Executing command: logging asdm informational Executing command: ! Executing command: ! Executing command: ! Factory-default configuration is completed ciscoasa(config)# reload System config has been modified. Save? [Y]es/[N]o: y Cryptochecksum: 200435a9 cee9c848 4fb5e91d ac201631 3250 bytes copied in 0.150 secs Proceed with reload? [confirm] ciscoasa(config)# *** *** --- START GRACEFUL SHUTDOWN --- Shutting down isakmp Shutting down webvpn Shutting down sw-module Shutting down License Controller Shutting down File system *** *** --- SHUTDOWN NOW --- Process shutdown finished Rebooting... (status 0x9) .. INIT: Sending processes the TERM signal Deconfiguring network interfaces... done. Sending all processes the TERM signal... Sending all processes the KILL signal... Deactivating swap... Unmounting local filesystems... Rebooting... Part 2: Basic Configuration of Cisco ASA 5516-X Firewall = Reference guide: Basic Cisco ASA 5506-x Configuration Example Link: https://www.speaknetworks.com/basic-cisco-asa-5506-x-configuration-example/ ciscoasa> en Password: ciscoasa# ciscoasa# show bootvar BOOT variable = Current BOOT variable = CONFIG_FILE variable = Current CONFIG_FILE variable = Step 1: Configure ASA interfaces and assign appropriate security levels ===
Re: [opensource-wg] Most popular open source firewall in the world
Dear Martin, I prefer to use the open source firewall that is the most popular in the world to get a feel-good feeling. Based on my research in online shopping platforms like Lazada, many online shops are selling hardware appliances that claim to be compatible with pfsense and opnsense. pfsense and opnsense are the most frequently mentioned open source firewalls in Lazada and other online shopping platforms. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore On Tuesday, February 20th, 2024 at 4:50 AM, Martin Winter wrote: > I think the whole question is wrong. > > I don't see there to be one BEST product. It all matters for the > application. What is required (i.e. features, support, performance > etc). What is the know-how of the enduser? Does it require a simple > graphic interface? Or is a CLI preferred? Or both needed? Do you just > need a single setup or is this which should be rolled out to various > remote locations? Do you require it to run on a specific hardware or > OS? > > If you really want to help to select something and not just doing some > marketing research, then explain your situation and ask for > suggestions for it. > > Regards, > Martin Winter > > On Mon, Feb 19, 2024 at 4:57 PM Julius ter Pelkwijk pelkw...@gmail.com wrote: > > > Hey, > > > > As someone who works a lot with AI, I have to say that chatGPT relies on > > what it can find on the internet. The first page I found was from pfsense, > > claiming it to be the "world's most trusted open source firewall". The > > Dutch call this a "wij van wc-eend", a phrase made by a company to claim > > that their product is the best. > > > > I tend to use UFW, but I know people who use Shorewall and CSF. Its a case > > of "preference" and what you want to use the firewall for. > > > > Greetings, > > > > Julius > > > > On Mon, Feb 19, 2024 at 3:54 PM Klaas Tammling klaas@tammling.hamburg wrote: > > > > > Hi, > > > > > > I mean just from a quick search there are a bunch of great opensource > > > firewalls. Some more popular than others, depending on the use case. > > > > > > The first one which would come into my mind is OPNSense, a fork of > > > pfsense. I use it myself and it works great. > > > > > > Another one could be IPFire and IPCop. > > > > > > This site is in German but it lists a few, you could evaluate if you > > > search for something new (not affiliated with that site): > > > https://aware7.com/de/blog/die-12-besten-open-source-firewalls/ > > > > > > All the best, > > > > > > Klaas > > > > > > > > > Von: opensource-wg opensource-wg-boun...@ripe.net im Auftrag von > > > Turritopsis Dohrnii Teo En Ming via opensource-wg opensource-wg@ripe.net > > > Gesendet: Montag, 19. Februar 2024 15:33 > > > An: opensource-wg@ripe.net opensource-wg@ripe.net > > > Cc: c...@teo-en-ming-corp.com c...@teo-en-ming-corp.com > > > Betreff: [opensource-wg] Most popular open source firewall in the world > > > > > > Subject: Most popular open source firewall in the world > > > > > > Good day from Singapore, > > > > > > I am using pfsense community edition 2.7.2 firewall at home. > > > > > > Recently I asked ChatGPT. ChatGPT says pfsense is the singular most > > > popular open source firewall in the world. > > > > > > Is pfsense really the most popular open source firewall in the world? > > > If there is more than one, please provide a list of the most popular open > > > source firewall(s) in the world as well. > > > Preferably from well accredited sources. > > > > > > Thank you. > > > > > > Regards, > > > > > > Mr. Turritopsis Dohrnii Teo En Ming > > > Targeted Individual in Singapore > > > > > > ___ > > > opensource-wg mailing list > > > opensource-wg@ripe.net > > > https://lists.ripe.net/mailman/listinfo/opensource-wg > > > > > > To unsubscribe from this mailing list, get a password reminder, or change > > > your subscription options, please visit: > > > https://lists.ripe.net/mailman/listinfo/opensource-wg > > > ___ > > > opensource-wg mailing list > > > opensource-wg@ripe.net > > > https://lists.ripe.net/mailman/listinfo/opensource-wg > >
Re: [opensource-wg] Most popular open source firewall in the world
Dear Julius, I prefer to use a firewall distro that could secure the entire network like pfsense, opnsense, ipfire, etc. I personally feel that UFW, shorewall and CSF are too basic and they are host-based solutions, that is, they can only secure the computers they are installed on, not the entire network. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore On Monday, February 19th, 2024 at 11:56 PM, Julius ter Pelkwijk wrote: > Hey, > > As someone who works a lot with AI, I have to say that chatGPT relies on what > it can find on the internet. The first page I found was from pfsense, > claiming it to be the "world's most trusted open source firewall". The Dutch > call this a "wij van wc-eend", a phrase made by a company to claim that their > product is the best. > > I tend to use UFW, but I know people who use Shorewall and CSF. Its a case of > "preference" and what you want to use the firewall for. > > Greetings, > > Julius > > On Mon, Feb 19, 2024 at 3:54 PM Klaas Tammling wrote: > >> Hi, >> >> I mean just from a quick search there are a bunch of great opensource >> firewalls. Some more popular than others, depending on the use case. >> >> The first one which would come into my mind is OPNSense, a fork of pfsense. >> I use it myself and it works great. >> >> Another one could be IPFire and IPCop. >> >> This site is in German but it lists a few, you could evaluate if you search >> for something new (not affiliated with that site): >> https://aware7.com/de/blog/die-12-besten-open-source-firewalls/ >> >> All the best, >> >> Klaas >> >> --- >> >> Von: opensource-wg im Auftrag von >> Turritopsis Dohrnii Teo En Ming via opensource-wg >> Gesendet: Montag, 19. Februar 2024 15:33 >> An: opensource-wg@ripe.net >> Cc: c...@teo-en-ming-corp.com >> Betreff: [opensource-wg] Most popular open source firewall in the world >> >> Subject: Most popular open source firewall in the world >> >> Good day from Singapore, >> >> I am using pfsense community edition 2.7.2 firewall at home. >> >> Recently I asked ChatGPT. ChatGPT says pfsense is the singular most popular >> open source firewall in the world. >> >> Is pfsense really the most popular open source firewall in the world? >> If there is more than one, please provide a list of the most popular open >> source firewall(s) in the world as well. >> Preferably from well accredited sources. >> >> Thank you. >> >> Regards, >> >> Mr. Turritopsis Dohrnii Teo En Ming >> Targeted Individual in Singapore >> >> ___ >> opensource-wg mailing list >> opensource-wg@ripe.net >> https://lists.ripe.net/mailman/listinfo/opensource-wg >> >> To unsubscribe from this mailing list, get a password reminder, or change >> your subscription options, please visit: >> https://lists.ripe.net/mailman/listinfo/opensource-wg >> ___ >> opensource-wg mailing list >> opensource-wg@ripe.net >> https://lists.ripe.net/mailman/listinfo/opensource-wg >> >> To unsubscribe from this mailing list, get a password reminder, or change >> your subscription options, please visit: >> https://lists.ripe.net/mailman/listinfo/opensource-wg___ opensource-wg mailing list opensource-wg@ripe.net https://lists.ripe.net/mailman/listinfo/opensource-wg To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/opensource-wg
Re: [opensource-wg] Most popular open source firewall in the world
Dear Klaas, Thanks for the link. IPCop is an abandoned opensource firewall project. I personally feel ipfire is not as good as pfsense. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore On Monday, February 19th, 2024 at 10:53 PM, Klaas Tammling wrote: > Hi, > > I mean just from a quick search there are a bunch of great opensource > firewalls. Some more popular than others, depending on the use case. > > The first one which would come into my mind is OPNSense, a fork of pfsense. I > use it myself and it works great. > > Another one could be IPFire and IPCop. > > This site is in German but it lists a few, you could evaluate if you search > for something new (not affiliated with that site): > https://aware7.com/de/blog/die-12-besten-open-source-firewalls/ > > All the best, > > Klaas > > ------- > > Von: opensource-wg im Auftrag von > Turritopsis Dohrnii Teo En Ming via opensource-wg > Gesendet: Montag, 19. Februar 2024 15:33 > An: opensource-wg@ripe.net > Cc: c...@teo-en-ming-corp.com > Betreff: [opensource-wg] Most popular open source firewall in the world > > Subject: Most popular open source firewall in the world > > Good day from Singapore, > > I am using pfsense community edition 2.7.2 firewall at home. > > Recently I asked ChatGPT. ChatGPT says pfsense is the singular most popular > open source firewall in the world. > > Is pfsense really the most popular open source firewall in the world? > If there is more than one, please provide a list of the most popular open > source firewall(s) in the world as well. > Preferably from well accredited sources. > > Thank you. > > Regards, > > Mr. Turritopsis Dohrnii Teo En Ming > Targeted Individual in Singapore > > ___ > opensource-wg mailing list > opensource-wg@ripe.net > https://lists.ripe.net/mailman/listinfo/opensource-wg > > To unsubscribe from this mailing list, get a password reminder, or change > your subscription options, please visit: > https://lists.ripe.net/mailman/listinfo/opensource-wg___ opensource-wg mailing list opensource-wg@ripe.net https://lists.ripe.net/mailman/listinfo/opensource-wg To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/opensource-wg
[opensource-wg] Most popular open source firewall in the world
Subject: Most popular open source firewall in the world Good day from Singapore, I am using pfsense community edition 2.7.2 firewall at home. Recently I asked ChatGPT. ChatGPT says pfsense is the singular most popular open source firewall in the world. Is pfsense really the most popular open source firewall in the world? If there is more than one, please provide a list of the most popular open source firewall(s) in the world as well. Preferably from well accredited sources. Thank you. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore ___ opensource-wg mailing list opensource-wg@ripe.net https://lists.ripe.net/mailman/listinfo/opensource-wg To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/opensource-wg