ip route get <ip>
route -n

[ # ]

/usr/sbin/dmidecode

Notes:

  • Use '/usr/sbin/dmidecode | grep "Product Name"' to view the specific hardware name

[ # ]

!! Configuring the captures
!! Method 1 - ACL Capture
  access-list ryan permit ip host <source> host <dst>
  capture ryan-inside access-list ryan int <int>
  show capture ryan-inside

!! Method 2 - Match Capture (This is bidirectional)
  capture ryan-inside interface <int> match ip host <src ip> host <dest ip>
  sh cap ryan-inside

!! Obtaining capture as PCAP file
!! 1.) Method 1 - Copying to another location
  copy /pcap capture:/<capture-name> <destination>

!! Example:
  copy /pcap capture:/mycap ftp://1.1.1.1/incoming/mycap.pcap

!! 2.) Method 2 - Downloading from the firewall
 Visit in Browser: https://<FW-IP>/admin/capture/<capture_name>/pcap

!! Example:
  Visit in Browser: https://1.1.1.1/admin/capture/mycap/pcap

Notes:

  • To download the PCAP, connect on the same port that ASDM is configured to use (check with 'show run http')

[ # ]

lvresize -L 20GB /dev/vg_splat/lv_current         !! Sets the logical volume size
Reboot into maintenance mode   !! The boot menu shows a 'Maintenance Mode' option. You need the expert password; if your current account has expert access, type "passwd root" to reset it.
e2fsck -f /dev/mapper/vg_splat-lv_current
resize2fs /dev/mapper/vg_splat-lv_current
Reboot

Notes:

  • Especially useful for UTMs with small root partitions. Upgrades can fail due to this.

[ # ]

!! Define the traffic that will require the custom timeout
access-list <Match-ACL-Name> extended permit <traffic-to-match>

!! Define the class-map with the match of the ACL above
class-map <Class-Map-Name>
 match access-list <Match-ACL-Name>

!! Define the policy-map to be applied to an interface
!! Note: Only one policy-map can be defined per interface. If you have one already defined for an interface, add the 'class' and settings to the existing policy-map
policy-map <Policy-Map-Name>
 class <Class-Map-Name>
  set connection timeout idle <Timeout-in-HH:MM:SS-Format>

!! Note: Only one policy-map can be defined per interface. If you have one already defined for an interface, the following line is not necessary
service-policy <Policy-Map-Name> interface <interface>

EXAMPLE CONFIGURATION

access-list SSH-24Hour-ACL extended permit tcp object-group SSH_24Hour_Hosts any eq 22

class-map SSH-24Hour-ClassMap
 match access-list SSH-24Hour-ACL

policy-map inside-policy-map
 class SSH-24Hour-ClassMap
  set connection timeout idle 24:00:00

service-policy inside-policy-map interface inside 

Notes:

  • See documentation for information regarding the interface direction
  • This was designed for versions 8.3+ although it may work on version 8.2

[ # ]

access-list <ACL Name> permit <protocol> <host> <host> eq <port> inactive

Notes:

  • This will overwrite the previous ACL, if it exists
  • Re-issue ACL command without inactive to enable ACL again

[ # ]

configure terminal
config factory-default
write memory

[ # ]

  1. Reboot device
  2. At prompt, hit escape to break the boot sequence
  3. 'confreg' !! prompt will start with 'rommon #'
  4. Note your current configuration register (0x1 is the default)
  5. Choose 'Y' to change the configuration
  6. Accept all the defaults EXCEPT 'disable system configuration'. Set this to 'Y'
  7. 'boot'
  8. 'enable' after device has booted !! Just hit enter for the password
  9. 'copy startup-config running-config'
  10. Reset the passwords in 'conf t':

    password <password>
    enable password <password>
    username <username> password <password>

  11. 'config-register <value>'
  12. 'copy running-config startup-config'

Notes:

  • Must be performed via the console port

[ # ]

show ospf database
show ospf neighbor
debug ospf events

[ # ]

interface Ethernet0/1                !! inside for instance
 ospf cost 10
 ospf message-digest-key 1 md5 <md5 key>
 ospf authentication message-digest
interface Ethernet0/2                !! outside for instance
 ospf cost 10
 exit
router ospf 1
 network <internal ip> <internal network> area <area number>  !! Each network that we will advertise
 log-adj-changes
 redistribute rip subnets        !! redistribute RIP if needed !
 exit

[ # ]