Monthly Archives: January 2012
NAT exemptions are often required when a single ASA appliance is performing NAT and terminating VPN connections. In ASA configurations prior to 8.3 and 8.4, NAT exemptions were configured with “nat 0 access-list <acl name>” and a related access-list.
It seems like some of the more challenging things to do on an ASA involve some sort of traffic being redirected out the same interface it was received on. This article addresses the requirement for spoke to hub to spoke … Continue reading
There are several changes when an ASA is upgraded from 8.2 to 8.4(2). The most notable of these are the ones dealing with the syntax of the NAT configuration. However, there is another gotcha that you might not be expecting. SSH will … Continue reading
A little while back, I posted an article that took a very simple ASA configuration and migrated it to 8.4. This article takes it a step further and focuses on NAT and PAT, as well as the related access control … Continue reading
More and more, the Internet is being used as a connection to business partners. Typically this requires building an IPSec Tunnel between two VPN capable endpoints. For me the device of choice is the Cisco ASA. Since we are connecting to a business … Continue reading
Do you use upper and lower case letters in your Internet Banking passwords in an attempt to achieve additional security? What if I told you that in many cases it did not even matter? The FFIEC (Federal Financial Institutions Examination … Continue reading