NAT enhancements There are a few little tricks to improve NAT performance. The first would be translation timeout. Translation timeout returns a translated address back to the pool. The default is 3:00 hours. If you have a smaller pool or…

I hope you enjoy this extract from my upcoming ebook – Deploying Cisco ASA firewalls. –DNS on ASA– This section looks at the provision of DNS functions on the ASA. Whilst it cannot provide DNS AAA records it does provide…

There are 101 security levels on the ASA. This may not be enough and you might be required to use the same security level a few times. We know that higher security level interfaces can talk pass traffic to lower…

In a simple deployment I needed to add a DHCP server to the ASA. No worries there. Quick little configuration like this does the job. dhcpd address 192.168.36.10-192.168.36.50 dmz36 dhcpd lease 3600 interface dmz36 dhcpd dns 192.168.36.1 dhcpd domain ciscoinferno.net…

The importance of time should not be under estimated. NTP allows synchronisation of clock information across your network. I am labbing my ASA inside GNS3 and want to set up a router to be the Timekeeper! The idea of this firewall…