Thursday, December 20, 2012

Tutorial of Static & Dynamic Routing and Configuring Static Routing on Cisco ASA Firewall

The main features of static routing:
1.       Manually set up a route in a dormant manner.
2.       Stable.
3.       Has no impact made by traffic and transmission failures.
4.       Creates no traffic derived from routing protocols.

Advantages & Disadvantages:
Static routing needs a network administrator, with knowledge of the internetwork topology, manually builds and updates the routing table, programming all routes in the routing table. Static routers can work well for small internetworks but do not scale well to large or dynamically changing internetworks due to their manual administration.
Static routers are not fault tolerant. The lifetime of a manually configured static route is infinite and, therefore, static routers do not sense and recover from downed routers or downed links.
With the above points, for small business, I recommend not using dynamic routing though and stick with just static routes. The reason is that one of the purposes of a firewall is to hide your internal trusted network addressing and topology. By configuring dynamic routing support, you might be advertising routes to untrusted networks thus exposing your network to threats.
Cisco ASA Configuration

The main features of dynamic routing:
1.       Automatically sets up a route.
2.       Respond to the changes of the network.
3.       Automatically select the optimized route.
4.       Automatically select the backup route.

Advantages & Disadvantages:
Except for their initial configuration, dynamic routers require little ongoing maintenance, and therefore can scale to larger internetworks. Dynamic routing is fault tolerant. Dynamic routes learned from other routers have a finite lifetime. If a router or link goes down, the routers sense the change in the internetwork topology through the expiration of the lifetime of the learned route in the routing table. This change can then be propagated to other routers so that all the routers on the internetwork become aware of the new internetwork topology.
The ability to scale and recover from internetwork faults makes dynamic routing the better choice for medium, large, and very large internetworks.

Details of configuring static routing on Cisco ASAFirewall
Configuring Static Routing on Cisco ASA Firewall
The above picture will show the details and help us understand how to configure static routing better.
To begin with, the ASA connects to the internet on the outside and also has a DMZ and Internal zones. The default gateway towards the ISP is 200.1.1.1. The DMZ network is 10.0.0.0/24 and the internal LAN1 network is 192.168.1.0/24. LAN1 is directly connected to the Inside interface of the firewall.     
Additionally, there is another internal network, namely LAN2, with network 192.168.2.0/24. LAN2 is not directly connected to the firewall. Rather, there is an internal router with address 192.168.1.1 through which we can reach LAN2. Therefore, in order for the ASA to reach network LAN2, we need to configure a static route to tell the firewall that network 192.168.2.0/24 can be reached via 192.168.1.1.
Therefore, we need to configure two static routes---One Default Static route for Internet access, and one internal static route to reach network LAN2. For directly connected networks (DMZ and LAN1) we don’t need to configure a static route since the firewall already knows about these networks as they are directly connected to its interfaces.
Configuration:
The format of the static route command is:
ASA (config)# route [interface name] [destination address] [netmask] [gateway]
! First configure a default static route towards the default gateway
ASA (config)# route outside 0.0.0.0 0.0.0.0 200.1.1.1
! Then configure an internal static route to reach network LAN2
ASA (config)# route inside 192.168.2.0 255.255.255.0 192.168.1.1
 Related to:  tech21century.com/configure-static-routing-on-cisco-asa-firewall

Monday, December 17, 2012

Cisco Resources Cooperation Request



I believe that you will agree me that resources cooperation is more and more important in this Internet time.
I wonder if we can cooperate together by a double-win way for we have advantages that are mutually complementary. (Cisco related industries such as Cisco certification books suppliers, Cisco training centers, Cisco technical providers ect. are preferred.) I wonder if we can
1.       advertise our links or banners for each other
2.       advertise my links or banners at your website with reasonable charge
3.       other ways you expected ( we will consider)
Router-switch.com---A worldwide Cisco Devices Supplier
The following are parts of our advantages. Welcome to share!
1.       We have professional sales & marketing team for Best Cisco equipment.
2.       We own 8000+ Cisco end users and resellers & system integrators all over the world.
3.       We provide best pre and after-sales services.
4.       We have free & professional CCIE support team…
More info and details of our website you can visit: http://www.router-switch.com/ (PR 3)
Our official blog providing tech tutorial and information: http://blog.router-switch.com/ (PR 3).
If you are willing to cooperate with us, please contact me as soon as possible. My Email is hkyejian86@hotmail.com. Thank you very much!

I’m looking forward to your reply.

Best Regards

Tuesday, October 16, 2012

Big Surprise of Worldwide Leading Cisco Supplier -Router-switch.com, Only 15 Days Left!

With providing 59%-77% OFF for hundreds of popular Cisco products and  several free AIR-LAP1131AG-A-K9 for lucky guys fill out the questionnaire, Router-switch.com has proved the company strength and its sincerity to clients. Of course, as many clients required, helping them to know Router-switch.com better is necessary! 

Router-switch.com has become a world’s leading Cisco supplier over the past ten years with the help of its staff and customers. To celebrate its 10 years, router-switch.com offers some activities for all the old and new clients, for example, big discount (save up to 75% off) for the popular Cisco items (including Catalyst 3560x Series, Cisco Catalyst 3750x Series, Catalyst 3560V2/3750V2, Cisco 2900&3900 Routers, Network Cards, etc.), fill out a simple survey to win a big gift (Cisco AIR-AP1131AG-A-K9, limited edition T-shirts and 20PC U disk). The activity date is from September. 01. 2012 to October. 31. 2012. Wow, if you are a Cisco buyer, don’t miss this chance. Let’s join the party to celebrate the 10th birthday together. 
How to Take Part in this Big Party for Router-switch.com’s 10th Anniversary?
If you want to know more about the activities hold at router-switch.com, you can visit the related topics: Big Discount for the Popular Cisco Items.
http://www.router-switch.com/10years/crazy-sale-of-10th-anniversary.html,

Fill Out the Questionnaire to Get a Big Gift, 
 http://www.router-switch.com/10years/questionnaire.html.

How the Router-switch.com Become the World’s Leading Cisco Supplier?
During the past ten years, from 2002 to 2012, router-switch.com has grown up into a global leading Cisco supplier. Indeed, it has experienced several vital moment. Here let’s share some router-switch.com’s big events:
2002, Router-switch.com was founded.
2003, Router-switch.com has experienced a rapid development.
2004, CCIE technical support team was built.
2005, the sales volume maintains 70% growth per year.
2006, Staff in company increased to 20.
2007, Router-switch.com established its marketing department. It attained its reputation in providing timely information of Cisco for clients and Cisco users.
2008, Router-switch.com adopted necessary advanced management tools to improve its service for clients.
2009, Router-switch.com upgraded warehouses in Hongkong and Mainland China. Its inventory is worth over $5 million.
2010, the sales of Router-switch.com have zoomed to $ 30 million.
2011, Router-switch.com released the new version to update service. It supplies free CCIE support. Social network platforms were opened to communicate with customers and clients well.
2012, New Office of router-switch.com landed in US to offer professional local service.
Nowadays, router-switch.com is becoming the world’s largest Cisco reseller online.  It believes that router-switch.com will be more professional, more reliable and stronger with your support.
Note: A letter from CEO of router-switch.com to thank its customers and share their progress.
More about Router-switch.com:
Router-switch.com, also called Yejian Technologies Co., Ltd, is the worldwide leader in delivering new, used, refurbished Cisco hardware, including Cisco routers, Cisco switches, firewall security, Cisco IP Phones VoIP, wireless AP, Cisco modules & cards, memory, and optical cables, SFP, GBIC, XENPK , etc. It carries over $5 million in inventory of Cisco hardware and Cisco equipment that can meet SOHO, small, midsized and large businesses of all sizes. Also Router-Switch.com owns more than 8,000 customers worldwide, not only because of its original Cisco products with reliable quality and competitive price, but also due to professional service, huge inventory, flexible payment and shipment. More information about router-switch.com can be found at http://www.router-switch.com/. For ongoing Cisco info, please go to
Blog.router-switch.com---News, tutorials, tips, info & thoughts on Developments in the Cisco, Cisco network, IT, Software & Network Hardware Industry
More Related Router-switch.com News:
Router-switch.com Announced Its Newly Redesigned Website
“Router Switch”, Our New Company Landing in U.S.—Professional Cisco Supply Service is Around You
Router-switch.com: A Batch of New Cisco Network Equipment Surprises the Coming Christmas Day
Router-Switch.com Uploaded Thousands of New Cisco Products