Text only | Text with Images

Networking-Forums.com

Professional Discussions => Security => Topic started by: icecream-guy on July 28, 2017, 01:40:42 PM

Title: ASA order of operatgions
Post by: icecream-guy on July 28, 2017, 01:40:42 PM
Anyone have any pretty pictures of the ASA order of operations (not the NAT one)  <= 8.2 and >= 8.3?
Title: Re: ASA order of operatgions
Post by: deanwebb on July 28, 2017, 02:58:10 PM
Would something from the CCNP-Firewall (circa 2013, old CCNP-Security version) book be what you're looking for? If so, I can hunt through it for stuff like that.
Title: Re: ASA order of operatgions
Post by: mlan on July 28, 2017, 02:59:40 PM
@ristau - Stepping through the packet tracer GUI output might also inform the discussion.
Title: Re: ASA order of operatgions
Post by: Dieselboy on July 29, 2017, 08:28:31 AM
Is this any good?

(http://ptgmedia.pearsoncmg.com/images/chap2_9781587144462/elementLinks/02fig15_alt.jpg)

Title: Re: ASA order of operatgions
Post by: Dieselboy on August 01, 2017, 05:46:03 AM
Also worth noting that the firewall policy map is a compound match. Meaning, if it matches multiple lines, it then applies the rules applicable to all lines. It's not like an ACL where it matches the first "match" and that's the end. It goes from top to bottom and works out all of the matches and then applies all of the rules it matches against.
Title: Re: ASA order of operatgions
Post by: dlots on August 01, 2017, 11:32:51 AM
Quote from: Dieselboy on July 29, 2017, 08:28:31 AM
Is this any good?



I would say yes, that is quite helpful :-D
Text only | Text with Images