Essential NAT Types and Commands in ASA Firewalls

NAT IN ASA FIREWALL
WWW.NETPROTOCOLXPERT.IN

WHAT IS THE COMMAND TO SWITCH BACK TO SINGLE MODE?
• # MODE SINGLE
WHAT ARE DIFFERENT TYPES OF NAT IN ASA?
• STATIC NAT - A CONSISTENT MAPPING BETWEEN A REAL AND MAPPED IP
ADDRESS. IT ALLOWS BIDIRECTIONAL TRAFFIC INITIATION.
• DYNAMIC NAT - A GROUP OF REAL IP ADDRESSES ARE MAPPED TO A (USUALLY
SMALLER) GROUP OF MAPPED IP ADDRESSES ON A FIRST COME FIRST SERVED
BASIS. IT ALLOWS ONLY UNIDIRECTIONAL TRAFFIC INITIATION.
• DYNAMIC PORT ADDRESS TRANSLATION (PAT) - A GROUP OF REAL IP
ADDRESSES ARE MAPPED TO A SINGLE IP ADDRESS USING A UNIQUE SOURCE
PORT OF THAT IP ADDRESS.
• IDENTITY NAT - A REAL ADDRESS IS STATICALLY TRANSLATED TO ITSELF,
ESSENTIALLY BYPASSING NAT.

WHAT IS POLICY NAT?
• POLICY NAT ALLOWS YOU TO NAT BY SPECIFYING BOTH THE SOURCE AND
DESTINATION ADDRESSES IN AN EXTENDED ACCESS LIST. WE CAN ALSO
OPTIONALLY SPECIFY THE SOURCE AND DESTINATION PORTS. REGULAR NAT
CAN ONLY CONSIDER THE SOURCE ADDRESSES, NOT THE DESTINATION
ADDRESS .
• IN STATIC NAT IT IS CALLED AS STATIC POLICY NAT.
• IN DYNAMIC NAT IT IS CALLED AS DYNAMIC POLICY NAT.

GIVE THE ORDER OF PREFERENCE BETWEEN DIFFERENT TYPES OF
NAT?
1.NAT EXEMPTION.
2.EXISTING TRANSLATION IN XLATE.
3.STATIC NAT
• STATIC IDENTITY NAT
• STATIC POLICY NAT
• STATIC NAT
• STATIC PAT
4.DYNAMIC NAT
• NAT ZERO
• DYNAMIC POLICY NAT
• DYNAMIC NAT
• DYNAMIC PAT

WHAT IS THE DIFFERENCE BETWEEN AUTO NAT & MANUAL NAT?
• AUTO NAT (NETWORK OBJECT NAT) - IT ONLY CONSIDERS THE SOURCE
ADDRESS WHILE PERFORMING NAT. SO, AUTO NAT IS ONLY USED FOR STATIC
OR DYNAMIC NAT. AUTO NAT IS CONFIGURED WITHIN AN OBJECT.
• MANUAL NAT (TWICE NAT) - MANUAL NAT CONSIDERS EITHER ONLY THE
SOURCE ADDRESS OR THE SOURCE AND DESTINATION ADDRESS WHILE
PERFORMING NAT. IT CAN BE USED FOR ALMOST ALL TYPES OF NAT LIKE NAT
EXEMPT, POLICY NAT ETC.
UNLIKE AUTO NAT THAT IS CONFIGURED WITHIN AN OBJECT, MANUAL NAT IS
CONFIGURED DIRECTLY FROM THE GLOBAL CONFIGURATION MODE.

• GIVE NAT ORDER IN TERMS OF AUTO NAT & MANUAL NAT?
• NAT IS ORDERED IN 3 SECTIONS.
SECTION 1 – MANUAL NAT
SECTION 2 – AUTO NAT
SECTION 3 – MANUAL NAT AFTER-AUTO

WHAT ARE THE COMMAND TO SEE NAT TRANSLATIONS?
• # SH XLATE
• # SH NAT
WHAT IS THE COMMAND TO SEE BOTH NAT TABLE AND CONNECTION TABLE?
• # SH LOCAL-HOST

Essential NAT Types and Commands in ASA Firewalls

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (20)

Semelhante a Essential NAT Types and Commands in ASA Firewalls

Semelhante a Essential NAT Types and Commands in ASA Firewalls (20)

Mais de NetProtocol Xpert

Mais de NetProtocol Xpert (20)

Último

Último (20)

Essential NAT Types and Commands in ASA Firewalls