Given that there is no longer a default login password, if Telnet authentication is not enabled (via AAA), there is no telnet mgmt access permitted via the 'telnet' command, and there is no desire to use Telnet for anything, is there still a rea...
I am curious to know if the following two statements / Twice NAT rules are equivalent (accomplish/mean the same thing and function in the same way):
DmzHostA = a real host on the local DMZ segment
RemoteHostB = a real host on a remote network t...
Sorry to rehash a topic that I am sure has been beaten to death multiple times but I still cant seem to find an exact answer to clarify my understanding on limiting/filtering VPN traffic. So, for ASAs running version 9.+:
For a given site(...
Looking at an ASA 8.2.1 with the following:- No ACL (inbound or outbound) applied to the inside interface (no outbound ACL on the outside interface)- IP reverse path verify not set on any interface- Internal network (behind inside interface) is ...
Here is a scenario I'd like to know about:A Cisco ASA running 8.2.5 with 3 interfaces: Outside (Sec lvl 0)/-nternet IP / DMZ (Sec lvl 2)-192.168.8.0/24 / Inside (Sec level 100)-192.168.1.0/24An ACL on the DMZ which looks like this:access list DMZ_IN ...
For the way #1 is written [nat (outside,dmz) .... ]
In addition to describing it as:
"When RemoteHostB on a remote vpn connected network accesses DmzHostA on the DMZ network, translate address of RemoteHostB to MappedIP-C"
Is it also correct to de...
Thank you for the response. It came to me during the overnight that I believe the 'equivalent' to #1 may be
nat (dmz,outside) source static DmzHostA DmzHostA destination static MappedIP-C RemoteHostB
Does this seem correct?
Thank you for your reply. While it makes sense, I am still curious why, for all of the VPN site to site documentation and examples that one finds, one never sees (or at least I have not seen) a step in the setup that includes being sure to creat...
I am thinking that the question boils down to this: if someone were to set themselves an external public IP not in use on an internal device and were to send out requests, would the response from the receiving device find a route back to the request.