Replacing Cisco Firewalls with Fortinet Firewalls
KB ID 0001741 Replacing Cisco If you’ve been following articles on the site you will know that the focus of the firewall related output is shifting from Cisco ASA / Cisco FirePOWER to Fortinet (FortiGate) firewalls. This article is so you can make an informed choice about what you want to replace your Cisco firewall with. Note: I’m starting with SOHO and Small Business sized firewalls, but I will extend this to...
Cisco FTD (and ASA) Creating AnyConnect Profiles
KB ID 0001685 Problem A few days ago I did an article on Deploying Cisco AnyConnect with the Cisco FTD, there I glossed over the AnyConnect profile section. For a long time now, we have been able to edit the AnyConnect profile from within the firewall (if we are running ASA code!) But for the FTD we need to take a step backwards and go back to using the ‘offline’ AnyConnect profile editor. Solution Firstly you need to...
Cisco FTD Deploy AnyConnect (from FDM)
KB ID 0001682 Problem In this article I will focus on ‘Remote Access’ VPN, which for Cisco FTD means using the AnyConnect client. Ive spent years deploying this solution for ASA so it’s a product I know well. As with all things Cisco, there are a couple of things that could trip you up. Let’s get them out of the way first. If you are used to AnyConnect then you probably have the client software. It’s the...
Cisco FTD Site to Site VPN
KB ID 0001681 Problem While working out how to create a VPN on the Cisco FTD (Firepower 1010), I thought I might as well set it up to the Cisco ASA that I have in the Data Center on my test network. This is what I’m connecting; Create Site to Site VPN On Cisco FTD (using FDM) Using a web browser connect to the devices FDM > Site to Site VPN > View Configuration. Create Site-to-site-connection. Connection profile name:...
Configure Cisco FTD Port Forwarding (via FDM)
KB ID 0001680 Problem You have a Cisco FTD device that you manage via FDM, and you would like to setup port forwarding. In the example below I will forward TCP Port 80 (HTTP) traffic from the outside interface of my FTD Device (Firepower 1010) to an internal web server on 10.254.254.212 Solution (Step 1: Create an FTD NAT Policy) Using a web browser connect to the FDM > Polices > NAT > Add. Set the following options; Title:...