Thanks for the feedback @kroy5555

Thanks for the feedback and really pleased to hear the video helped 👍

@@GregSouth I am a cyber security student as well and I do appreciate your videos and the support you're giving to us. God bless you.

Were you in your final year?

@@jean-lucpicard5510 yes I graduated now and working for MSP company. I don't use this software a lot, but it's good to know the basic.

Hey Alex! Thanks for the feedback and glad the videos are helping. Good luck with your studies

Hi Rocio, thanks for the feedback and really pleased videos helped

Hey @SCMcDonLon- glad the videos helped and thanks for the feedback! Greg

I have some urls in comments section where can look up more information on these

Glad you liked it

Hi @George Z In this exercise, I used a the following Cisco Packet Tracer file. You can find it at the following link: - bit.ly/38o8Dxf In this link, I've also uploaded the exercise file that outlines the scenario in more detail. To incorporate more vlans: use the command ‘interface vlan x (x being the number you wish to create) - just a heads up on this, what you may find with creating more vlans you will likely encounter an error if you try and name the vlan - this issue is because of license restrictions on the ASA. With regards to the edge router(router R1), this is configured with a public IP address on it’s G0/0 interface (think of this like the ISP’s router) so that we could configure a default static route on the ASA outside interface to essentially enable the ASA to reach external networks. I hope it helps. Greg

@@GregSouth Thank you Greg you are the best

Glad it was helpful!

Hi Rob, you are correct. If you were to add a web server for example off Router 1 interface (configure up with ip add, subnet mask, default gateway), you should be able to ping (from PC-B) once you have added the inspect icmp rule. However, you would NOT be able to access the web server from PC-B until you added an inspect http rule. Best way of understanding this is to give it a go! Good luck and thanks for the feedback, Greg

Hi Rajeev, thanks for your comment and also for being my 1000 subscriber. :) Glad you like the content. I have on my to-do list to create more videos soon... I'll keep in mind your idea of CCNA security videos. All the very best. Thanks - Greg

Glad you liked it @niteshtelang4743

Hi @lastmoment7906 - sorry the sound isn't great on this - when i create more videos in the future I'll experiment more with this to try and improve. Thanks for your comments. All the very best. Greg

Hi - can start with inside interface but really admin choice - keep in mind bigger picture on what your goals are - eg protecting inside pcs & allowing restricted access to dmz

Hi @pang dv - thanks for watching and also the additional info

Hi there, my advice here would be to run through the exercise again (particularly focusing on page 8 of PDF) to run through creation of class-map, policy-map and service-policy - missing any of these steps will likely mean the ICMP traffic will not be able to pass through the ASA and return traffic allowed. Best of luck with it.

Hi @captaincommando9839 I really appreciate your feedback! Thanks for watching and commenting - glad you got the answer! Thanks,Greg

I’ll try test with real hardware and let you know Joe - currently it’s very difficult with lockdown but really appreciate your feedback, Greg

Hi Jean, I included Packet Tracer file with part one. All other routers IP addresses can be found by accessing router and running the command ‘show ip interface brief’

Thank you, I am currently doing my Final Year project in networks and systems support. I am using your set up as a template for my build. which requires a DMZ outward facing server, with an ASA firewall in a sandbox environment. I have done it in a physical form, but due to equipment constraints, and safety requirements, instead of 3 routers, i have just one, and PC b has to be on a trunk since it can not be physically on the ASA side of the lab we are working in, and vlan 2 between the ASA and isp router has to travel via Trunked switches. Not sure if you can attend the open day at Bradford College on the 25th. tutors have asked us to which industry experts we would like to attend.

Hi @namastenewzealand733 - my advice here would be to first double check you've applied the correct IP addresses to both inside and outside interfaces of the ASA. Then check the NAT config e.g. ASA(config)# object network inside-net ASA(config-network-object)# subnet 192.168.1.0 255.255.255.0 ASA(config-network-object)# nat (inside,outside) dynamic interface ASA(config-network-object)# end Finally, use the simulation tool in Packet Tracer to ping from an inside PC to R2 to check to see the source IP address before it leaves the ASA and after it leaves (you should be able to see the address change from a private one 192.168.x.x to the public address 209.165.200.226). Hope this helps and best of luck with it. Greg

@@GregSouth Thanks for your reply. I will do the configuration again and hopefully it will work this time.

HI Manav, Click the following link - bit.ly/38o8Dxf - there is the sample file available for download so you can try this yourself. It contains the Configuring ASA Basic Settings exercise file and Cisco Packet Tracer file. Best of luck, Greg

@@GregSouth thanks a lot sir, I appreciate that you helped me and doing such a gr8 job 👍🔥

By the end of the exercise you should be able to. Have you tried to troubleshoot e.g. can you ping from PC-C (this should work at the beginning of the exercise). Pinging from PC-B, you will need to have already configured a number of settings on ASA e.g. NAT and default policy map. In addition, default route and inside and outside interfaces will need to be setup correctly too. All the best with it. Greg

@@GregSouth I saw my error there's an ospf configured. I miss this one. Now it's okay.

@@mr.compnet2263 Great stuff - well done

Hi Markpotsie, glad you found my videos helpful. Without seeing your network my advice would be to troubleshoot one step at a time- use verification commands such as ‘show ip route’ on each router - does it show the destination route? Also use the simulation tool to help see how far the packet is travelling- best of luck

Hi there, I haven't tried this out with IPv6 but hope to create some videos in the near future using IPv6 addressing.

Hi there, remember Packet Tracer at end of day is a simulator and has its limitations eg no gui for ASA but I see your point

Keep testing and don’t give up Adithya! This is where you learn the most :)

Hi there, my advice here would be to run through the exercise again (particularly focusing on page 8 of PDF) to run through creation of class-map, policy-map and service-policy - missing any of these steps will likely mean the ICMP traffic will not be able to pass through the ASA. Best of luck.

Hi @Mohammed - I connect the ASA to R1 using a static route. Commands and original network topology can be found in the following link: bit.ly/38o8Dxf All the best, Greg

@@GregSouth Thanks bro

You're welcome Danny!

Hi there - all config is available in first video of series - also pdf available with related commands. Hope this helps

@user-xj4jw4zc2r - this may be useful - Configuring an ASA Firewall on Cisco Packet Tracer Click the following link - bit.ly/38o8Dxf for Configuring ASA Basic Settings exercise file and Cisco Packet Tracer file.