Posted on by pandom

–Network Address Translation, ASA 8.2 NAT is required for a number of scenarios and can be used in the most unusual places. Most common is translation of a private RFC 1918 address into a globally routed public IP address. An…

Posted on by pandom

–Routing on ASA– The ASA supports static and dynamic routing protocols. As of ASA code release 8.3+ most routing protocols are supported. OSPF, EIGRP, RIPv2, and static routing are the protocols the ASA can use. Static Routes Static routes are…

Posted on by pandom

–Transparent and Routed Firewalls– There are two modes in which you can have your firewall; routed or transparent mode. Each mode will treat the packets differently and operate in its own way. Depending on your requirements of your design you…

Posted on by pandom

NAT enhancements There are a few little tricks to improve NAT performance. The first would be translation timeout. Translation timeout returns a translated address back to the pool. The default is 3:00 hours. If you have a smaller pool or…

Posted on by pandom

I hope you enjoy this extract from my upcoming ebook – Deploying Cisco ASA firewalls. –DNS on ASA– This section looks at the provision of DNS functions on the ASA. Whilst it cannot provide DNS AAA records it does provide…

Posted on by pandom

In a simple deployment I needed to add a DHCP server to the ASA. No worries there. Quick little configuration like this does the job. dhcpd address 192.168.36.10-192.168.36.50 dmz36 dhcpd lease 3600 interface dmz36 dhcpd dns 192.168.36.1 dhcpd domain ciscoinferno.net…

Posted on by pandom

The importance of time should not be under estimated. NTP allows synchronisation of clock information across your network. I am labbing my ASA inside GNS3 and want to set up a router to be the Timekeeper! The idea of this firewall…