Cisco ASA – Global Access Lists
Nov17

Cisco ASA – Global Access Lists

KB ID 0001019 Problem I’ve been working for a client that has a large firewall deployment, and they have twelve switches in their six DMZ’s. I wanted to take a backup of these switches (and all the other network devices). While I was bemoaning the amount of ACL’s that I would need to allow TFTP in from, (note: that’s UDP port 69 if you are interested). My colleague said “Why not use a global ACL?”,...

Read More
Cisco ASA – Policy NAT
Nov17

Cisco ASA – Policy NAT

KB ID 0001042 Problem I’ve been working on a large firewall deployment for a client, each of their DMZ’s have both a production and a management network. nothing particularly strange about that, but each of their DMZ’s has its own firewalled management network and it’s routable from the LAN. So If I’m an admin and I want to talk to a Linux appliance in their DMZ via its management interface, my traffic...

Read More