Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1059
Views
0
Helpful
2
Replies

ASA functional testing

Go to solution
ArekMusz01
Level 1
Level 1

‎07-21-2015 05:12 AM - edited ‎03-11-2019 11:18 PM

Hi

 

I try to prepare a test plan to verify the functionality of new IOS ( also upgraded to a newer version ). I would like to test the ASA features before deploying the device into production.

 

Example:

 

L2 – ?

L3 – routing protocols ( ospf, rip, bgp), VRRP , NAT,

Mgmt – ASDM, access through ssh, tacacs/radius, local accounts,

 

I hope you got my point ? If anyone have any suggestion what I should test please share your minds.

 

Thank you in advance :)

 

A.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎07-21-2015 12:33 PM

Well, normally in a product acceptance test, as you are suggesting, you would need to map out your requirements for the device and test those, since that is what you will be using it for.  For example, you would not be running an ASA in both tranparent mode (L2) and routed mode (L3) at the same time.

Based on your network needs you will have the necessary information to build your lab.

Some of the more common tests that I always do are the following:

Management

- SSH access

- ASDM access

- Console access

- TACACS+ / RADIUS authentication

- Local user authentication

- configuration via CPI (if required)

Logging

- logging to a syslog server

- logging SNMP traps

Routing

- static routes

- dynamic routes (you don't need to test them all, just the ones you will be using)

Traffic Filtering and Control

- Interface ACL

- NAT

I am sure there are a lot more that could be placed under each category and possibly a few subsection could be added.  But my main point is:  identify you network needs and write them down. Build you lab based on these needs.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marius Gunnerud
VIP
VIP

‎07-21-2015 12:33 PM

Well, normally in a product acceptance test, as you are suggesting, you would need to map out your requirements for the device and test those, since that is what you will be using it for.  For example, you would not be running an ASA in both tranparent mode (L2) and routed mode (L3) at the same time.

Based on your network needs you will have the necessary information to build your lab.

Some of the more common tests that I always do are the following:

Management

- SSH access

- ASDM access

- Console access

- TACACS+ / RADIUS authentication

- Local user authentication

- configuration via CPI (if required)

Logging

- logging to a syslog server

- logging SNMP traps

Routing

- static routes

- dynamic routes (you don't need to test them all, just the ones you will be using)

Traffic Filtering and Control

- Interface ACL

- NAT

I am sure there are a lot more that could be placed under each category and possibly a few subsection could be added.  But my main point is:  identify you network needs and write them down. Build you lab based on these needs.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
ArekMusz01
Level 1
Level 1
In response to Marius Gunnerud

‎07-28-2015 02:46 AM

Cheers buddy.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card