An Outside User Visits A Web Server On The Inside Network - Cisco ASA 5505 Configuration Manual
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Chapter 5
Configuring the Transparent or Routed Firewall
6.
7.
An Outside User Visits a Web Server on the Inside Network
Figure 5-10
Figure 5-10
The following steps describe how data moves through the adaptive security appliance (see
1.
2.
OL-20339-01
If the destination MAC address is not in the adaptive security appliance table, the adaptive security
appliance attempts to discover the MAC address by sending an ARP request and a ping. The first
packet is dropped.
The web server responds to the request; because the session is already established, the packet
bypasses the many lookups associated with a new connection.
The adaptive security appliance performs NAT by translating the mapped address to the real address,
10.1.2.27.
shows an outside user accessing the inside web server.
Outside to Inside
Host
Internet
209.165.201.2
209.165.201.1
209.165.200.230
Web Server
209.165.200.225
A user on the outside network requests a web page from the inside web server.
The adaptive security appliance receives the packet and adds the source MAC address to the MAC
address table, if required. Because it is a new session, it verifies that the packet is allowed according
to the terms of the security policy (access lists, filters, AAA).
For multiple context mode, the adaptive security appliance first classifies the packet according to a
unique interface.
Management IP
209.165.201.6
Cisco ASA 5500 Series Configuration Guide using ASDM
Firewall Mode Examples
Figure
5-10):
5-23
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
