View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Home

NAT

SEC0102 - ASA 9.x NAT46 NAT64 DNS64 Object NAT (Part 1)

The video walks you through configuration NAT64, NAT46, and DNS64 on Cisco ASA using Object NAT to connect IPv6 to IPv4 network. We will look at both Stateless and Stateful NAT64 and NAT46, and highlight their pros and cons, and suggest when you should use one over the other. For Stateful NAT64, we will configure static, dynamic NAT, and PAT. We will also go over how DNS64 can help translating IP embedded in DNS packet as it crosses the v4-v6 network boundary. Packet analysis on Wireshark will be performed to help us gain better understanding of the IP address translation.

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0
Tag: 
ipv6
asa
NAT
nat64
nat46
dns64
wireshark

RS0051 - IPv6 NAT-PT (Part 2)

The video demonstrates a method to interface IPv6 to IPv4 network using NAT-PT on Cisco router. We will cover the basic 1-to-1 static NAT, dynamic NAT, and PAT primarily translating IPv6 source IP to IPv4. We will then look at DNS ALG feature that helps rectifying an embedded IP as DNS reply crosses IPv4-IPv6 boundary, while analysing it by Wireshark. We will configure IPv4 Mapped NAT feature to automate destination NAT process by mapping the entire IPv4 address space to IPv6 /96 subnet. The lab finishes with modification of the NAT global timeout values.

Rating: 
0
No votes yet
Difficulty Level: 
3
Tag: 
ipv6
NAT
nat-pt
wireshark

RS0050 - IPv6 NAT-PT (Part 1)

The video demonstrates a method to interface IPv6 to IPv4 network using NAT-PT on Cisco router. We will cover the basic 1-to-1 static NAT, dynamic NAT, and PAT primarily translating IPv6 source IP to IPv4. We will then look at DNS ALG feature that helps rectifying an embedded IP as DNS reply crosses IPv4-IPv6 boundary, while analysing it by Wireshark. We will configure IPv4 Mapped NAT feature to automate destination NAT process by mapping the entire IPv4 address space to IPv6 /96 subnet. The lab finishes with modification of the NAT global timeout values.

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0
Tag: 
ipv6
NAT
nat-pt
wireshark

SEC0079 - ASA 1000V L2L IPSec VPN (ASDM CLI Mode)

The video shows you how to configure site-to-site IPSec VPN on Cisco ASA 1000V in ASDM mode via CLI. We will go through IKEv1 Phase 1 and Phase 2 configuration to establish an IPSec VPN tunnel to a physical ASA to provide remote access to our servers in the virtual datacenter. You will see the VPN configuration on ASA 1000V being almost identical to a physical ASA.
Topic:
  • ASA 1000V VPN - IKEv1 Phase1/2
  • ASA 1000V VPN - IPSec
  • ASA 1000V NAT Bypass (ie. Self-NAT)
Rating: 
0
No votes yet
Difficulty Level: 
3
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
vpn
ipsec
l2l
NAT

SEC0078 - ASA 1000V Advance Security Profile (ASDM CLI Mode)

The video looks at advance features on Cisco ASA 1000V in ASDM mode via CLI. This includes Connection Timeout, IP Audit, Application Inspection, and TCP Normalize/Intercept. There are also features like packet fragment settings, and QoS that are not available for configuration in VNMC mode. In addition, we will configure static NAT and inbound ACL to allow our web servers to be accessed from outside.
Topic:
  • ASA 1000V Security Profile
    • Connection Timeout
    • IP Audit 
    • Static NAT, Port-Forwarding
Rating: 
0
No votes yet
Difficulty Level: 
4
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
acl
NAT
qos

SEC0077 - ASA 1000V Basic Security Profile (ASDM CLI Mode)

The video walks you through basic security profile configuration on Cisco ASA 1000V in ASDM mode via CLI. We will demonstrate the concept of Security Profile interfaces by applying different security policies based on Ingress ACL and NAT to our Web and DB servers. We will also go through configuration on a Nexus 1000V to have a VEM communicate with the ASA 1000V and enforce the security policies on a port-profile. The lab ends with connectivity testing to verify our configurations.
Note:
Rating: 
0
No votes yet
Difficulty Level: 
3
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
NAT
acl

SEC0074 - ASA 1000V L2L IPSec VPN (VNMC Mode)

The video shows you how to configure site-to-site IPSec VPN on Cisco ASA 1000V in VNMC mode. We will go through VPN Device Policy (Phase 1) and Interface Policy Set (Phase 2) configuration to establish an IPSec VPN tunnel to a physical ASA to provide remote access to our servers in the virtual datacenter. 
Note: 
  • VPN Interface Policy only take affect when applied to an outside interface
Topic:
  • ASA 1000V VPN Device Policy (Phase 1)
    • IKE Policy
Rating: 
0
No votes yet
Difficulty Level: 
3
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
vpn
ipsec
l2l
NAT

SEC0073 - ASA 1000V Advance Edge Security Profile and Policies (VNMC Mode)

The video looks at advance features on Cisco ASA 1000V in VNMC mode. This includes Connection Timeout, IP Audit, Application Inspection, and TCP Intercept. In addition, we will configure static NAT and inbound ACL to allow our web servers to be accessed from outside.
Topic:
  • ASA 1000V Security Profile
    • Connection Timeout Policy
    • IP Audit Policy
    • Static NAT Policy
    • Application Inspection Policy
    • TCP Intercept Policy
    • Access Control List (ACL)
Rating: 
0
No votes yet
Difficulty Level: 
4
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
acl
NAT

SEC0072 - ASA 1000V Basic Edge Security Profile and Policies (VNMC Mode)

The video walks you through basic configuration of Edge Security Profile and Policies on Cisco ASA 1000V in VNMC mode. We will demonstrate the concept of Security Profile interfaces by applying different security policies based on Ingress ACL and NAT to our Web and DB servers. We will also go through configuration on a Nexus 1000V to have a VEM communicate with the ASA 1000V and enforce the security policies on a port-profile. The lab ends with connectivity testing to verify our configurations.
Note:
Rating: 
0
No votes yet
Difficulty Level: 
3
Tag: 
asa 1000v
asa
vnmc
n1kv
nexus 1000v
firewall
NAT
acl

SEC0008 - ASA 8.3 8.4 NAT Migration Recommendation

The video combines the knowledge from our two previous videos on Object NAT and Twice NAT, and provides some guidelines on how to use them together on a single NAT table. We also discuss about pre-8.3 migration strategies and how the legacy command syntax (eg. nat, global, static, access-list) can be mapped to the new. We finish off the video with an experiment on the placement of destination NAT statement on the NAT table, and note its significance. We hope that you will have a better understanding on ASA 8.3 NAT by the end of this video.

Rating: 
0
No votes yet
Difficulty Level: 
2
Tag: 
NAT
asa

Pages

Subscribe to RSS - NAT