Cisco ASA Static (One to One) NAT Translation
KB ID 0000691 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. If you have a spare/available public IP address you can statically map that IP address to one of your network hosts, (i.e. for a mail server, or a web server, that needs public access). This is commonly referred to as a ‘Static NAT’, or a ‘One to One translation’. Where all traffic destined for public...
Microsoft Exchange – Forwarding Mail To External Email Addresses
KB ID 0001350 Problem Note: Below I’m using Exchange 2016, but the same approach will work for previous versions. There are a load of reasons why you might want to do this, but before you go off in this direction consider why you are doing this in the first place. For example, if the user requesting this does not need an Exchange mailbox, i.e. because they only use their Gmail account then it’s probably a better idea to...
Juniper SRX Firewall – Allow Web Management from Outside
KB ID 0000708 Problem Assuming you already have web management enabled, and you want to access it from the outside (the untrusted zone). Solution 1. Log into the web console of the Juniper. 2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Select the Outside interface > Under Interface services add in ‘http’ > OK. 3. Then...
PIX 506E and 501 Firewall Image and PDM Upgrade
KB ID 0000065 Problem Note: PIX 515E and above, can still be upgraded to version 8.0(4) click here for details Some people will wonder why I’m bothering to write this up, but the truth is, there are LOADS of older PIX firewalls out there in the wild, and all the PIX 501’s and 506E’s that are being retired from corporate use are being bought on ebay, or being put on IT departments test benches. This page deals with...
Backup and Restore a Cisco Firewall.
KB ID 0000076 Problem There are many different versions of PIX and ASA Firewalls. So, if you want to get a backup of the configuration and save it elsewhere, (so in the event of a failure, (or more likely someone tinkering and breaking the firewall)). you will be able to recall and restore that configuration. By far the easiest method is to use a TFTP server – and it works on ALL versions, so learn it once and use it many...