Tag Archives: ASA

CISCO ASA How to:

How to check ASA version: asa# show version | inc Version Cisco Adaptive Security Appliance Software Version 9.2(4)8 Device Manager Version 7.5(2)153 How to check ASA hardware: asa# show version | inc Hardware Hardware:   ASA5545, 12288 MB RAM, CPU Lynnfield … Continue reading

Posted in ASA | Tagged , , | Leave a comment

Take packet captures on ASA

If we need to take packet capture during some troubleshooting on ASA we can take captures on ASA as follows. We can take capture on interface where the traffic will hit and on interface where traffic will go i.e ingress … Continue reading

Posted in ASA | Tagged , , , , , , , | Leave a comment

Allow ping through ASA

R1 wants to ping to R3 but is not able to ping. By default CISCO ASA doesn’t inspect icmp it means that if you want to ping to some server from LAN ping reply will not come. To allow ping … Continue reading

Posted in ASA | Tagged , , , , , | Leave a comment

ASA 8.4 Example

Access webserver from outside: object network real-host-obj  host 192.168.1.2 object network mapped-host-obj  host 1.1.1.1 nat (inside,outside) source static real-host-obj mapped-host-obj access-list allow-webserver-inside extended permit ip any host 192.168.1.2 access-group allow-webserver-inside in interface outside

Posted in ASA | Tagged , , | Leave a comment

ASA 8.4 NAT

Network object NAT rule: All NAT rule having network object are considered to be as network object NAT rule. In Network object NAT rule we cannot specify when traffic is coming from this host going to this host translate the … Continue reading

Posted in ASA | Tagged , , , | Leave a comment

ASA 8.2 NAT Examples

Access webserver from outside: Here we want to allow access to webserver from Internet. We have to configure NAT so that whenever anyone from outside hits 1.1.1.80 on port 80 traffic goes to 192.168.1.1 on port 80 static (inside,outside) tcp … Continue reading

Posted in ASA | Tagged , , , | Leave a comment

ASA 8.2 packet flow

Packet will be received on ingress interface and will be kept in the internal buffer  and interface counter will be incremented. Now ASA will check if the packet belongs to some existing session or it is a new session If … Continue reading

Image | Posted on by | Tagged , , | Leave a comment