Configuring Network Address Translation (NAT) | Cisco ASA Firewalls
Configuring Network Address Translation (NAT) | Cisco ASA Firewalls
By popular demand, here is the live config and explanation of Network Address Translation (NAT) on the Cisco ASA Firewall.
We’re approaching this by using a lab, built in VIRL. This is based on the lab we used in the ACL video. If you’re a Patreon supporter you can download this lab in VIRL, GNS3, or just the config files (link below).
We’ve created a more realistic scenario, where we need public IP addresses to reach the internet. There’s a few things that we need to configure now; We need an IP for general internet access (dynamic NAT, using PAT or a PAT pool), We also need a static NAT, so devices on the internet can reach the intranet server.
In addition, we want to consider how DNS will work, now that there will be different IP addresses on the Inside, DMZ, and Outside areas.
There are some concepts we’ll cover as well. These include Object NAT and Twice NAT, and how they apply in different sections to create NAT policies.
Another concept is real addresses (the original address) and mapped addresses (the translated address). In addition, we need to consider unidirectional NAT and bidirectional NAT. Not to mention talking about source NAT and destination NAT.
Lab: https://networkdirection.net/labsandquizzes/labs/lab-nat-on-the-cisco-asa/
Patreon information: https://networkdirection.net/patreon/
ASA Clustering: https://www.youtube.com/watch?v=5cZ8D3T2ZAA
Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services (affiliate): https://click.linksynergy.com/link?id=RL4E*8CmbSY&offerid=145238.1753482&type=2&murl=http%3A%2F%2Fwww.ciscopress.com%2Ftitle%2F9781587143076
Overview of this video:
0:00 Introduction
0:21 Lab Setup
2:17 ASA’s Viewpoint of NAT
4:34 Static NAT
7:02 Dynamic NAT
12:47 Rule Order
16:40 Static Port Translation
18:28 Identity NAT
20:57 DNS Rewrite
LET’S CONNECT
🌏 https://www.youtube.com/c/networkdirection
🌏 https://twitter.com/NetwrkDirection
🌏 https://www.patreon.com/NetworkDirection
🌏 https://www.networkdirection.net
#NetworkDirection
cisco