Glad the video content is useful. Keep watching, a new video is posted every Tuesday, Thursday and Saturday at 09 PM IST. Happy Learning. :-)

Hi Souvik Das Glad the video content is useful. Keep watching, a new video is posted every Tuesday, Thursday and Saturday at 09 PM IST. Happy Learning. :-)

You're welcome! You're absolutely correct. In Cisco ASA, NAT does indeed occur before ACL processing, especially when dealing with inbound connections using private IP addresses. Your understanding is spot on! If you have any more questions or need further clarification, feel free to ask.

Thanks Sir, can I have the inbound Packet flow diagram to understand.

Glad the video content is useful. Keep watching, a new video is posted every Tuesday, Thursday and Saturday at 09 PM IST. Happy Learning. :-)

Hi Rathod, Your statement is mostly correct. This will be used in cases where there is a webserver inside accessible from the public network using public NAT to the private IP of the webserver. This is similar to ASA Firewall and Destination NAT in Palo Alto Firewall.

We are Glad the video content is useful. Keep watching; a new video is posted daily at 09 PM IST. Happy Learning. :-) KZbin Subscribe Link: kzbin.info ✅ For Admission, Call +91-8750004411 OR Chat with us on WhatsApp: wa.me/918750004411

It will be applicable to remote-side ASA firewall.

In the context of Cisco ASA (Adaptive Security Appliance) firewall, when an encrypted packet arrives at the ingress interface, it will go through the following steps: Ingress Interface: The encrypted packet is received on the ingress interface of the ASA. Access Control Policy: The ASA applies its access control policy to determine if the packet is allowed or denied based on configured rules. Decrypt (if necessary): If the packet matches an established IPsec VPN tunnel, the ASA will decrypt the packet using the appropriate encryption key. Routing Decision: Once decrypted, the ASA makes a routing decision based on the destination IP address of the packet. NAT (Network Address Translation): If configured, the ASA performs NAT translations on the packet, modifying the source and/or destination IP addresses. Egress Interface: The packet is then forwarded out through the appropriate egress interface based on the routing decision. It's important to note that the decryption process occurs after the access control policy is evaluated. If the packet is allowed by the access control policy and matches a valid VPN tunnel, it will be decrypted before proceeding with further processing, such as routing and NAT. I hope this clarifies the order of operations for an encrypted packet in the ASA firewall. Let me know if you have any additional questions!

Hi Abhishek In the packet flow through Cisco ASA, the ASA adds the new connection entry to its connection table at the "Input ACL" step

Dear Avinash ASA Complete video course is available on this website: www.trainonic.com/ Also, It would be best to schedule a quick call with our team, our team will understand your requirements and share all the relevant information with you. Call our Helpline Number at +91-8750004411 or 𝐂𝐡𝐚𝐭 𝐰𝐢𝐭𝐡 𝐮𝐬 𝐨𝐧 𝐖𝐡𝐚𝐭𝐬𝐚𝐩𝐩: wa.me/918750004411