Currently browsing category

6 Security

Cisco IOS Firewall

1. CBAC – Context Based Access Control CBAC allows examination of traffic at the Application Layer, not just Layer 3 or Layer 4 as in ACLs. It can maintain session information and create temporary openings to allow return traffic for permissible sessions. CBAC maintains a state table both for TCP …

ACLs 101

An ACL contains one or more ACEs (Entries) that permit or deny traffic and have an implicit deny any at the end. 1. Numbered ACLs 1.1 Standard ACLs R(config)# access-list ACL-NUMBER {permit|deny} {IP-ADDRESS [WILDCARD] | any} [log] ! ACL-NUMBER: 1-99, 1300-1999 ! when the wildcard is missing, a default of …

NAT 101

1. Inside, Outside, Local, Global When defining NAT it is important to understand what Inside/Outside and Local/Global mean. When we use NAT, our router will be at the border between the Inside and the Outside zones. Hosts on the Inside are configured with addresses from the LOCAL Address Space and …

NAT for Overlapping Networks

When we have 2 networks with overlapping addresses, chances are it’s not going to work. Unless, you use NAT. The situation we have to deal is can be seen in the next diagram: We have 2 routers, Router 1 and Router 2, connected via the 12.12.12.0/24 subnet. Each router has …