Emulate an IPsec Site-to-Site tunnel with Cisco ASA 5520 in GNS3 Preparation Phase 2

Now that we have finished phase 1 it is time to look at phase 2.

In phase 2 we will configure a site-to-site VPN tunnel through the ASDM wizard. I know it is better by CLI, but I am new to site-to-site VPN, and before you can understand the concept you need to start with the easy way. In phase 3 we will manually configure an IPsec site-to-site tunnel and give tips about what is required to be the same on both sides and what can be different.

Step 1: Create the local and remote subnet on both ASAs

Config ASA1:

object network Local_Networks_VPN_To_Amsterdam


object network Remote_Networks_VPN_To_Heerlen


Config ASA2:

object network Local_Networks_VPN_To_Amsterdam


object network Remote_Networks_VPN_To_Heerlen


Step 2: Configure an IPsec tunnel between ASA1 and ASA2.

Look at this document for a step-by-step guide on how it is created.

Step 3: Open a ping from site A to B

Very Important!

This is required. If no traffic is sent, the tunnel will stay down.

Why would something need to be up when there is no traffic for the remote site?

Step 3 is also included in the guide from step 2.


Limit CPU Time for a specific user on Server 2008 (Registry edit)

Within Server 2008 it is possible to limit a user to a specific percentage of CPU time.

Let's assume there is a Backup Service Account. This account runs a backup every night. Creating a backup is a time-consuming process (depending on the amount of data), and there is a requirement from the business that it may not prohibit the business from functioning.

Configure a SPAN port on a Catalyst 3560

To create a SPAN port on a Cisco 3560 “swouter”, make the following preparations:

1. Connect the host/server/IP phone to a port on the switch.

2. Connect the Wireshark client to another port on the switch. (This will be the destination port.)

3. Connect the uplink for the client to the switch (if not already configured).

To configure the switch:

monitor session 1 source interface fastethernet 0/1

monitor session 1 destination interface fastethernet 0/2

Install Wireshark and configure the filter to display only the host (ip host).