Network Address Translation - Cisco ASA and ASAx Firewalls
4.6 (11 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
50 students enrolled

Network Address Translation - Cisco ASA and ASAx Firewalls

EVERYTHING you need to know about NAT, and its configuration and verification on Cisco ASA and ASAx Firewalls.
Hot & New
4.6 (11 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
50 students enrolled
Created by Ed Harmoush
Last updated 5/2020
English
English [Auto]
Current price: $12.99 Original price: $24.99 Discount: 48% off
6 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 4 hours on-demand video
  • 1 article
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Network Address Translation (NAT)
  • Static NAT, Static PAT, Dynamic PAT, Dynamic NAT, Policy NAT, Twice NAT, Identity NAT, NAT Exemption
  • Syntax and Configuration of NAT on Cisco ASA and ASAx Firewalls
  • Operation and Verification of NAT on Cisco ASA and ASAx Firewalls
Requirements
  • Basic understanding of computer networks
Description

This course has three modules.

The first module will teach you Everything there is to know about Network Address Translation: Why it exists, How it it works, What happens to packets as they get translated. This module will explain every type of translation:  Static NAT, Static PAT, Dynamic PAT, and Dynamic NAT. You'll learn about each of these in a way that is completely vendor agnostic -- the concepts you learn here will apply to any vendor and any platform. You'll then learn how these four types of translations are used in Policy NAT and Twice NAT.

The second module will teach you the Syntax and Configuration of every type of NAT. There are two ways to configure NAT on a Cisco ASA and ASAx Firewall, and those two ways are Auto NAT and Manual NAT. Both of these methods require the use of objects, so this module starts with by defining and configuring objects. Then we discuss Auto NAT, when to use it and how to configure it. Then we talk through Manual NAT and provide configuration examples of every type of NAT it can configure. That leads us into an illustration of NAT Exemption. Finally, we finally wrap up with a discussion on NAT precedence and the order in which NAT statements are evaluated by the ASA..

Lastly, the third module will circle back to the concepts learned in the first module, and actually prove and demonstrate every claim that was made about NAT. The goal of this course is not only to tell you how NAT works, but also to prove it to you so you can see it for yourself.

Who this course is for:
  • Network Engineers / Admins looking to Truly understand NAT
  • CCNA/CCNP Security Certification candidates
  • Anyone who configures or troubleshoots NAT on a Cisco Firewall
Course content
Expand all 25 lectures 03:54:42
+ Network Address Translation - Operation and Concepts
10 lectures 01:13:06
Introduction
00:38

Questions that will be answered in this lesson:

  • Why does NAT exist?

  • Why does every device need an IP address?

  • How does NAT solve the problem of IP address depletion?

Preview 07:22
  • What to the words NAT vs PAT mean?

  • What is a Static translation vs a Dynamic translation?

  • There are only four types of address translation -- what are they?

Preview 06:50
  • What is a Static NAT?

  • What is a Bidirectional translation?

  • Does Static NAT conserve IP addresses?

Preview 07:05
  • What is a Static PAT?

  • Is a Static PAT Bidirectional?

  • What are some use cases for a Static PAT?

  • Does Static PAT conserve IP addresses?

Static PAT
08:46
  • What is a Dynamic PAT?

  • What is a Unidirectional translation?

  • Does Dynamic PAT conserve IP addresses?

  • Why are the source ports re-randomized?

  • Why must the source ports of the Global IP address be unique?

Dynamic PAT
15:06
  • What is a Dynamic NAT?

  • What are some use cases for a Dynamic NAT?

  • Are Dynamic NAT's used commonly today? Why or Why Not?

Dynamic NAT
11:36
  • What is a Policy NAT?

  • How is a Policy NAT similar to or different from the translations we discussed earlier?

  • What are some potential use cases for a Policy NAT?

Policy NAT
06:13
  • What is a Twice NAT?

  • How is a Twice NAT similar to or different from the translations we've discussed prior?

  • What are some potential use cases for Twice NAT?

Twice NAT
05:10

Every type of NAT we've discussed in this course is how NAT works as a concept -- which means it will apply to ALL VENDORS and ALL DEVICES. The only problem is... every vendor likes to call their implementation of NAT something different. This video shows a few examples of the different names used for NAT from different vendors, and shows you what Wikipedia and the RFC call the different iterations of NAT we discussed in this module.

Vendor Terminology Disambiguation
04:20
+ Syntax and Configuration of NAT on Cisco ASA and ASAx Firewalls
9 lectures 01:35:32
Objects - Part 1
06:37
Objects - Part 2
11:07
Real vs Mapped
03:53
Auto NAT
13:50
Manual NAT - Part 1
11:45
Manual NAT - Part 2
17:51
NAT Precedence - Part 1
11:43
NAT Precedence - Part 2
14:05
+ Operation and Verification of NAT on Cisco ASA and ASAx Firewalls
6 lectures 01:06:04
Topology Introduction
10:05
Static NAT
09:39
Static PAT
15:02
Dynamic PAT - Part 1
14:57
Dynamic PAT - Part 2
04:44
Dynamic NAT
11:37