lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <5bbe3ed461b0f0da8a39a7eb5416749f@teo-en-ming.com>
Date:   Tue, 11 Aug 2020 22:35:08 +0800
From:   Turritopsis Dohrnii Teo En Ming <ceo@...-en-ming.com>
To:     linux-kernel@...r.kernel.org
Cc:     ceo@...-en-ming-corp.com
Subject: How to Setup TWO DMZ Zones (DMZ1 and DMZ2) on the Cisco ASA 5506-X
 Firewall

Subject: How to Setup TWO DMZ Zones (DMZ1 and DMZ2) on the Cisco ASA 
5506-X Firewall

Author: Mr. Turritopsis Dohrnii Teo En Ming (Targeted Individual)
Country: Singapore, Singapore, Singapore
Date: 11 August 2020 Tuesday Singapore Time
Type of Publication: Plain Text

Cisco ASA firewall appliances are based on open source software.

Reference Guide: Cisco ASA DMZ Configuration Example
Link: https://www.speaknetworks.com/cisco-asa-dmz-configuration-example/

Cisco ASA CLI commands:

interface GigabitEthernet1/6
description to DMZ1
nameif dmz1
security-level 50
ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet1/7
description to DMZ2
nameif dmz2
security-level 50
ip address 192.168.2.1 255.255.255.0

nat (dmz1,outside) after-auto source dynamic any interface
nat (dmz2,outside) after-auto source dynamic any interface

object network DMZ1SERVER-EXT
host <public WAN IP address #1>

object network DMZ1SERVER-INT
host 192.168.1.10

nat (dmz1,outside) static DMZ1SERVER-EXT service tcp ssh ssh

access-list OUTSIDE extended permit tcp any object DMZ1SERVER-INT eq ssh

access-group OUTSIDE in interface outside

object network DMZ2SERVER-EXT
host <public WAN IP address #2>

object network DMZ2SERVER-INT
host 192.168.2.10

nat (dmz2,outside) static DMZ2SERVER-EXT service tcp ssh ssh

access-list OUTSIDE extended permit tcp any object DMZ2SERVER-INT eq ssh

access-group OUTSIDE in interface outside

copy run start

Additional Learning Material
============================

Reference Guide: Remote Access IPsec VPNs
Link: 
https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/vpn/asa-95-vpn-config/vpn-remote-access.html






-- 
-----BEGIN EMAIL SIGNATURE-----

The Gospel for all Targeted Individuals (TIs):

[The New York Times] Microwave Weapons Are Prime Suspect in Ills of
U.S. Embassy Workers

Link: 
https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html

********************************************************************************************

Singaporean Mr. Turritopsis Dohrnii Teo En Ming's Academic
Qualifications as at 14 Feb 2019 and refugee seeking attempts at the 
United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug 
2019) and Australia (25 Dec 2019 to 9 Jan 2020):

[1] https://tdtemcerts.wordpress.com/

[2] https://tdtemcerts.blogspot.sg/

[3] https://www.scribd.com/user/270125049/Teo-En-Ming

-----END EMAIL SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ