Blog Archives

Cisco ASA firewall and ICMP traffic

In this video I explain how ICMP Traffick (like pings, echo, echo-reply) is handled in the firewall. The ICMP packets are being handled in 3 different ways depending if the traffic is to the box, from the box or thru

Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Cisco Security, Security

ASA Nat behavior with multiple public ip ranges changed after upgrade

I recently upgraded a customer ASA from v8.2 to 9.0 and while doing that I found out that some (yeah!) of the static NAT translations didn´t work after the upgrade. Skilled ASA-upgraders knows that this happens a lot. That´s why

Tagged with: ,
Posted in Cisco Security

Perverted NAT

This is probably the most perverted form of NAT I have ever done. <flamebait> But, it serves as a proof that with proper NAT there is no need for routing </flamebait>   Scope: There is a Cisco ASA running code

Tagged with: ,
Posted in Cisco Security

Doing some magic translations in Cisco ASA

I recently got a question from a collegue regarding address translations in Cisco ASA. He wrote: Got a question from a customer if you can do the following: 1. NAT the . IP address of a machine located on the

Tagged with: ,
Posted in Cisco Security, Uncategorized


[mc4wp_form id="2457"]
Website Security Test