My Cisco ASA Notes

From Got Opinion Wiki

My notes were taken using Cisco Adaptive Security Appliance Software Version 9.10


NAT basics

  • Real address / host / network / interface : the real address is the address defined on the host, before translation.
  • Mapped address / host / network / interface : the mapped address is the address that the real address is translated into.
  • Bidirectional initiation : static NAT allows communications to be initiated in both directions, meaning both to the host and from the host.
  • Source and destination NAT : for any given packet, both the source and destination IP addresses are compared to the NAT rules, and one or both can be translated / untranslated.

Types of NAT

  • Dynamic NAT : a group of real IP addresses is mapped to a group of mapped IP addresses. Only the real host can initiate traffic.
  • Dynamic Port Address Translation (PAT) : a group of real IP addresses is mapped to a single IP address, using a unique source port of that IP address.
  • Static NAT : a consistent mapping between a real and a mapped IP address. Allows bidirectional traffic initiation.
  • Identity NAT : a real address is statically translated to itself, essentially bypassing NAT.
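
The four types above as network object NAT configuration. This is an added example, not part of the original notes: the interface names (inside, dmz, outside), the object and ACL names, and all addresses are assumptions chosen for illustration.

```cisco
! Constructed example: interface names, object names and addresses are
! assumptions, not values from the notes.

! Dynamic NAT: a real group is mapped to a pool of mapped addresses.
! Only the real hosts can initiate traffic.
object network POOL-OUT
 range 203.0.113.10 203.0.113.20
object network LAN-A
 subnet 10.1.1.0 255.255.255.0
 nat (inside,outside) dynamic POOL-OUT

! Dynamic PAT: a real group is mapped to a single address (here the outside
! interface address), each connection using a unique source port.
object network LAN-B
 subnet 10.1.2.0 255.255.255.0
 nat (inside,outside) dynamic interface

! Static NAT: consistent one-to-one mapping, so traffic can be initiated
! from either side.
object network WEB-REAL
 host 10.2.0.10
 nat (dmz,outside) static 203.0.113.50

! Bidirectional initiation still has to be permitted by an access list.
! On 8.3 and later the ACL references the real address, not the mapped one.
access-list OUTSIDE-IN extended permit tcp any object WEB-REAL eq 443
access-group OUTSIDE-IN in interface outside

! Identity NAT: the real address is statically translated to itself.
object network MGMT-HOST
 host 10.1.3.5
 nat (inside,outside) static 10.1.3.5
```

`show nat` and `show xlate` list the configured rules and the active translations, which is a quick way to confirm which rule a given flow matched.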