1
00:00:00,420 --> 00:00:06,450
Hello and welcome to this lecture in this lecture we start the configuration of the Cisco NSA firewall

2
00:00:06,870 --> 00:00:14,490
in order to have it ready for connectivity from the windows management station through SDM.

3
00:00:14,580 --> 00:00:22,020
So basically to the graphical user interface so that we will configure for the IPC VPN using VPN side

4
00:00:22,020 --> 00:00:24,950
to side to the HQ site.

5
00:00:24,990 --> 00:00:31,680
So first of all we'll have to configure IP addressing and we will also configure the IP on the Internet

6
00:00:31,680 --> 00:00:33,930
rather so let's finish with that first.

7
00:00:34,920 --> 00:00:42,540
So gigabit 0 by 2 interface gigabit 0 by 2.

8
00:00:42,540 --> 00:00:48,710
It has the IP address of 100 that one hundred the one hundred dot 1 or 1.

9
00:00:48,990 --> 00:00:55,110
And it's a slash 30 mask so 2 5 2.

10
00:00:55,170 --> 00:00:56,770
And I will say no shut.

11
00:00:58,410 --> 00:00:59,610
And also.

12
00:00:59,610 --> 00:00:59,880
Right.

13
00:00:59,910 --> 00:01:00,810
The configuration

14
00:01:05,410 --> 00:01:06,190
and that's it.

15
00:01:06,970 --> 00:01:10,450
So configuration of the Internet cloud rather anyway.

16
00:01:10,600 --> 00:01:11,470
It's it's done.

17
00:01:11,470 --> 00:01:14,170
Now let's jump to the Cisco essay.

18
00:01:14,470 --> 00:01:24,500
So right click and I will say console just increase a little bit and let's do the configuration so enable

19
00:01:26,270 --> 00:01:31,370
no password just hit enter and let's start with gigabit.

20
00:01:31,580 --> 00:01:34,750
So would you like to enable anonymous or run.

21
00:01:36,000 --> 00:01:36,320
Good.

22
00:01:36,490 --> 00:01:39,150
So interface gigabit 0 by zero.

23
00:01:39,170 --> 00:01:47,180
This is the when the one facing interface first of all forces voice say You have to provide a name a

24
00:01:47,180 --> 00:01:50,610
name for the interface and we will say this is outside.

25
00:01:51,380 --> 00:01:53,580
Let's see an IP address now.

26
00:01:53,570 --> 00:02:06,010
So IP address 100 out 100 that 100 that 1 or 2 and 2 5 5 2 5 5 5 5 2 5 2 also no shut.

27
00:02:07,190 --> 00:02:09,350
Let's now also configure gigabit 0 by 1.

28
00:02:09,350 --> 00:02:17,660
So the the land facing interface interface gigabit 0 by 1 and let's say IP No.

29
00:02:17,690 --> 00:02:23,180
First of all do not forget the name interface name if because otherwise it will not work.

30
00:02:23,210 --> 00:02:25,490
The interface will not be initialized.

31
00:02:26,210 --> 00:02:29,340
So name if we'll call it inside.

32
00:02:29,450 --> 00:02:31,830
And now we can say IP address.

33
00:02:32,000 --> 00:02:32,600
What.

34
00:02:32,600 --> 00:02:41,610
1 9 to the 1 6 say that 3 that 1 2 5 5 5 5 5 5.

35
00:02:42,130 --> 00:02:42,680
Yeah.

36
00:02:42,880 --> 00:02:45,360
It is slated to be 4.0.

37
00:02:45,740 --> 00:02:46,050
Good.

38
00:02:46,640 --> 00:02:54,770
And if you now say show name if you can see that we have two interfaces and management as well.

39
00:02:54,770 --> 00:03:08,180
So the name run interface management management 0 by 0 name even management 1 and 2 168 1 that one this

40
00:03:08,180 --> 00:03:08,840
is not good.

41
00:03:08,840 --> 00:03:18,760
We will say interface management let's say interface management 0 by 0.

42
00:03:18,980 --> 00:03:23,710
The IP address is 172 the 30.

43
00:03:23,750 --> 00:03:38,770
The 100 that 1 2 5 5 5 5 5 5 that 0 so and and it seems right to say the configuration show interface

44
00:03:38,800 --> 00:03:43,830
ip brief and let's see all of the interfaces.

45
00:03:43,830 --> 00:03:46,380
So we have we have that too.

46
00:03:46,600 --> 00:03:53,620
Well I forgot to do a no shutdown on this one gigabit 0 by 1 I will do it right now up up this is the

47
00:03:53,620 --> 00:03:54,280
IP address.

48
00:03:54,280 --> 00:03:54,760
Perfect.

49
00:03:54,760 --> 00:03:59,280
So let's go now configure terminal interface gigabit 0 by 1 and say no.

50
00:03:59,290 --> 00:04:03,770
Shut down and let's check again.

51
00:04:04,690 --> 00:04:07,120
So show interface ip brief.

52
00:04:07,120 --> 00:04:07,680
Perfect.

53
00:04:07,690 --> 00:04:14,220
So all of the three interfaces have the necessary IP address configured and they're in the up upstate.

54
00:04:14,260 --> 00:04:15,060
Perfect.

55
00:04:15,070 --> 00:04:23,230
So now one less thing to do we have to enable something and you will see exactly what I mean.

56
00:04:23,350 --> 00:04:32,130
On the Cisco I say so that the Windows Windows machine can actually connect connect through HDTV.

57
00:04:32,170 --> 00:04:39,520
So from from a browser through a is the M or or basically through an authorization to keep your browser

58
00:04:39,550 --> 00:04:42,920
in the first place if you don't have is the configured.

59
00:04:42,940 --> 00:04:50,380
And then when you install the software on your P.C. through that through that P from that user and password

60
00:04:50,380 --> 00:04:58,270
that we will define on they say you'll be able to configure your euro as a device anyway the configuration

61
00:04:58,270 --> 00:04:59,540
you need is this.

62
00:04:59,590 --> 00:05:01,980
So we'll have to define the user name.

63
00:05:01,990 --> 00:05:10,730
Let's say Cisco password Cisco and privilege 15 will also have to enable EDP.

64
00:05:10,810 --> 00:05:14,010
So HDTV server enable.

65
00:05:14,080 --> 00:05:24,310
Means that the NSA now accepts ATP connections and we also have to say Well so what's the subnet IP

66
00:05:25,120 --> 00:05:28,420
that the HDTV request will come from.

67
00:05:28,420 --> 00:05:35,710
So if you now say ETP in question mark for the first fourth row here hostname or ABC this is the IP

68
00:05:35,710 --> 00:05:41,230
address it says the IP address of the host and the network authorized to access the ATP server.

69
00:05:42,010 --> 00:05:49,930
So I will say now anything although it's not good to do it in the production and I would say that the

70
00:05:49,930 --> 00:05:56,170
connection will come through the management interface and you can see that we have a management connection

71
00:05:56,170 --> 00:06:00,100
from the management interface to the windows station.

72
00:06:00,100 --> 00:06:02,070
So I would say just enter now.

73
00:06:02,100 --> 00:06:11,270
And and again save the configuration one last thing to do is to test basically I ICMP connectivity between

74
00:06:11,270 --> 00:06:18,380
the windows machine and the SSA and also check to see if the if the browser lowers the SDM or lowers

75
00:06:18,380 --> 00:06:20,080
the interface of this is crazy.

76
00:06:20,630 --> 00:06:22,210
So let's go and do that.

77
00:06:22,280 --> 00:06:27,980
Let's go to the Windows machine and open up command prompt.

78
00:06:27,980 --> 00:06:28,960
Let's see.

79
00:06:29,150 --> 00:06:30,700
Can't remember exactly.

80
00:06:30,710 --> 00:06:32,390
Probably I haven't configured yet.

81
00:06:32,390 --> 00:06:33,680
Yes I didn't.

82
00:06:34,580 --> 00:06:41,040
So we have to configure the interface the niqab for the management connection to the NSA.

83
00:06:41,180 --> 00:06:45,260
So the last one is disabled.

84
00:06:45,260 --> 00:06:58,830
So I'll see enable now and let's say also properties and once it loads let's go to DPP for properties

85
00:06:59,400 --> 00:07:05,790
and the IP address that should be configured is 170 to thirty one hundred that one hundred.

86
00:07:05,790 --> 00:07:11,630
So let's do that so use the following 172.

87
00:07:11,830 --> 00:07:20,170
Thirty one hundred one hundred and this is uh slash 24.

88
00:07:20,840 --> 00:07:28,060
And I will just click okay and close and close this ones to and now let's check again and see if we

89
00:07:28,060 --> 00:07:30,130
have the IP address configured here.

90
00:07:30,190 --> 00:07:31,190
Yes it is.

91
00:07:31,210 --> 00:07:33,500
Now let's try to being the management.

92
00:07:33,640 --> 00:07:35,720
IP address of the safe.

93
00:07:38,050 --> 00:07:44,770
And we have reached ability so you can see here on the desktop that I have installed already Cisco is

94
00:07:44,770 --> 00:07:46,150
the M launcher.

95
00:07:46,270 --> 00:07:52,530
So if you'd if you just double click it something will appear here in a second.

96
00:07:52,690 --> 00:07:59,270
And anyway we will have the possibility to connect to their say so the IP address username and password.

97
00:07:59,290 --> 00:08:01,770
Remember we have just defined it and so on.

98
00:08:01,840 --> 00:08:07,570
But if you don't have the software installed in the first place you'd have to go to a browser.

99
00:08:07,720 --> 00:08:14,800
Again the NSA has been configured to act like an HDTV server and you would say 172 in this case thirty

100
00:08:15,280 --> 00:08:22,660
one hundred and one no one hundred and one and you can see that.

101
00:08:22,990 --> 00:08:24,840
It's just like you would connect to a Web site.

102
00:08:24,940 --> 00:08:30,920
So click Advanced then proceed and here is the is the interface.

103
00:08:30,920 --> 00:08:38,000
So you have the option to install as the launcher now or Randy as the monitor and install it is the

104
00:08:38,010 --> 00:08:39,560
M S the M software.

105
00:08:39,590 --> 00:08:42,630
So Ron Cisco is done as a local application.

106
00:08:43,130 --> 00:08:48,650
Once you install the software and you have it available on your desktop like you can see here you can

107
00:08:48,650 --> 00:08:49,780
use it with.

108
00:08:50,380 --> 00:08:53,260
You can use it to connect to whatever you have.

109
00:08:53,660 --> 00:08:54,260
It doesn't matter.

110
00:08:54,260 --> 00:08:59,310
So it's not one for one software per say so use the name Cisco.

111
00:08:59,330 --> 00:09:08,830
Let's also say passwords Cisco and I will click OK so do you want to continue connection is untrusted

112
00:09:08,860 --> 00:09:09,330
anyway.

113
00:09:09,340 --> 00:09:10,330
We know what it is.

114
00:09:10,330 --> 00:09:11,860
So just click on continue.

115
00:09:12,520 --> 00:09:17,250
And now the Cisco SDM IBM launcher should start.

116
00:09:17,250 --> 00:09:18,110
Let's wait.

117
00:09:18,340 --> 00:09:23,440
Software Update completed and we we should be provided with the user interface.

118
00:09:23,440 --> 00:09:24,190
And here it is.

119
00:09:24,850 --> 00:09:32,630
So basically now just a short recap we have configured IP addressing on the Cisco assay both on the

120
00:09:32,630 --> 00:09:36,340
public or one side and also on the private or land side.

121
00:09:36,350 --> 00:09:43,230
We have also configured access on the management port through SDM from the windows machine.

122
00:09:43,250 --> 00:09:48,500
So basically we are now ready to start the configuration both of the H2 for the gate and the Cisco as

123
00:09:48,500 --> 00:09:51,970
a firewall for that IP Sig VPN side to side.

124
00:09:51,980 --> 00:09:54,650
So thank you for your time and see you in the next lecture.