18:32:46 From Raza Meer : yes 18:36:21 From Zaheer Jahangir : sir just a question what is the significance of neighbour command in ospf on ASA 18:37:15 From Zaheer Jahangir : thanks 18:38:53 From Rinchen : you have the wrong interface # for asa 18:39:04 From Rinchen : in your config 18:39:09 From Rinchen : notepad 18:39:12 From Rinchen : yes 18:45:44 From ahmad rana : easy stuff 18:46:01 From ahmad rana : good refresher for R&S guys 18:46:32 From ahmad rana : there is no key life stuff 18:46:40 From ahmad rana : in CCIE Sec 18:46:40 From ahmad rana : ok 18:46:46 From ahmad rana : yup 18:48:12 From ahmad rana : what about source Nat 18:51:48 From ahmad rana : no voice 18:51:56 From Raza Meer : no voice 18:51:58 From Zaheer Jahangir : voice 18:52:01 From Rinchen : don't hear anything 18:54:56 From ISHU : yes 18:55:45 From ahmad rana : source NAT and Destination NAT 18:56:11 From ahmad rana : inside to outside is Source Nat 18:56:15 From Ibrahim : source 18:56:41 From ahmad rana : from outside to inside destination will be Destination NAT 18:59:02 From ahmad rana : Source NAT will be when host from inside try to reach out side world. 18:59:04 From Deeptiranjan : destination 18:59:20 From Issam : same teminology as Inside and outside NAT 18:59:21 From Issam : #? 19:00:10 From ahmad rana : no 19:00:13 From Rinchen : no 19:00:13 From Zaheer Jahangir : no 19:00:19 From Zaheer Jahangir : it will be published to a public IP 19:00:37 From Zaheer Jahangir : that will be destination NAT from outside 19:01:53 From Zaheer Jahangir : 192.1.20.5 19:01:53 From ahmad rana : public ip 19:01:53 From Rinchen : 192.1.20.5 19:01:56 From aabid254 : public ip 19:01:56 From Issam : 192.1.20.5 19:03:02 From Rinchen : yes 19:03:05 From Raza Meer : yes 19:03:07 From Rinchen : source 19:03:07 From Raza Meer : source 19:03:08 From Issam : source NAT 19:03:10 From ahmad rana : destination 19:03:14 From Raza Meer : source nat 19:03:22 From Raza Meer : internatl ip address gets translated 19:03:30 From Issam : please an example about outside NAT 19:03:32 From Rinchen : internal address changes 19:04:30 From ahmad rana : yup… 19:05:18 From Ibrahim : no 19:05:19 From Rinchen : no 19:05:20 From ahmad rana : no 19:06:31 From Rinchen : yes 19:06:44 From ahmad rana : what is the real life example of Destination NAT 19:07:19 From Rinchen : redirection 19:07:48 From Ibrahim : no DG 19:10:03 From Rinchen : yes 19:10:26 From Rinchen : yes 19:10:32 From ahmad rana : yes 19:11:58 From ahmad rana : sir plz reeat 19:12:10 From ahmad rana : the whole thing 19:12:15 From ahmad rana : Destination 19:12:26 From ahmad rana : Destination Nat only 19:12:39 From ahmad rana : yup 19:12:50 From ahmad rana : directly connected 19:13:25 From ahmad rana : yup 19:13:43 From ahmad rana : no 19:14:00 From ahmad rana : yes 19:14:25 From ahmad rana : yup 19:14:48 From ahmad rana : ok 19:14:52 From Rinchen : no routing capability 19:15:01 From ahmad rana : yes 19:15:07 From ahmad rana : yes 19:16:27 From Rinchen : remote addres 19:16:58 From Issam : or translate the source to inside interface of the fw 19:17:00 From Rinchen : same network 19:17:06 From ahmad rana : ah…got it now 19:17:19 From Issam : ok 19:18:10 From Mahin : so here both source and dest translation happening 19:18:34 From Ibrahim : it is also called twice nat right 19:18:39 From ahmad rana : well Palo Alto training I recently did explained inbound Srouce NAT as Destination 19:19:17 From ahmad rana : r u going to explain Double Dating as well 19:19:24 From ahmad rana : Nating 19:19:28 From ahmad rana : ** 19:19:32 From ahmad rana : LOL 19:19:34 From Ibrahim : lol 19:19:35 From faisal : hahaa 19:19:39 From Zaheer Jahangir : haha 19:19:50 From ISHU : :) 19:19:58 From ahmad rana : Nat was translated to Date 19:20:14 From Ibrahim : ok 19:20:49 From omprakash : Sir is there any method to check the destination address to perform desti NAt is correct sorce 19:21:26 From omprakash : ok sir 19:22:35 From ISHU : yes 19:24:21 From Khawar Butt : Crypto IPSec Profile only applied to Tunnel Interfaces. 19:24:39 From Khawar Butt : It assumes that all traffic leaving the tunnel interface is interesting. 19:24:59 From Khawar Butt : Crypto map requires an ACL to specify the Interesting Traffic. 19:25:18 From Khawar Butt : Can be used on Physical or Tunnel Interfaces. 19:25:28 From Khawar Butt : I just listed the technical differences. 19:25:37 From Khawar Butt : Tunnel - Use IPSec Profile 19:26:15 From Khawar Butt : Sorry Guys.. Deepti asked what is the difference between a Crypto Map and a IPSec Profile 19:26:27 From Khawar Butt : In case you were wondering :-) 19:36:14 From Rinchen : ok 19:36:35 From Oscar Ramirez : yes 19:36:36 From ahmedalrawi.a : yes 19:36:38 From Mahin : yes 19:36:49 From Rinchen : yes 19:36:49 From omprakash : yes 19:36:53 From Tariq : yes 19:37:08 From mostapha : yes 19:43:52 From ahmad rana : would that nat take precedence over any other nat ? for example if i configure another one-to-one NAT ? 19:45:53 From Rinchen : yes 19:46:11 From Raza Meer : yes 19:47:01 From Rinchen : ;no 19:47:07 From Rinchen : private 19:47:12 From Ibrahim : static nat 19:47:22 From Rinchen : need static NAT 19:48:24 From Rinchen : yes 19:52:32 From Rinchen : ok 19:54:06 From Deeptiranjan : no 19:54:14 From Rinchen : transalated address 19:55:59 From aabid254 : Dynamic and Auto-NAT is same? 19:56:31 From aabid254 : ok 19:58:28 From Rinchen : 0 20:00:44 From Rinchen : lots of public addresses 20:01:54 From Rinchen : PAT 20:03:26 From Rinchen : port 20:05:57 From Deeptiranjan : outside interface 20:10:28 From Rinchen : yes 20:10:30 From mostapha : ok 20:10:32 From Santhosh : yes 20:10:37 From Mahin : yes 20:12:43 From Deeptiranjan : yes 20:12:49 From Rinchen : yes 20:12:52 From ahmad rana : yes 20:12:53 From Mahin : yes 20:12:53 From Santhosh : yes 20:16:12 From Rinchen : 2nd port 20:17:49 From faisal : 23 is internal network, 2311 belongs outside network 20:17:53 From Deeptiranjan : can we use the same public ip for static PAT that we used for dynamic pat 20:18:24 From Deeptiranjan : ok 20:20:41 From Rinchen : no 20:20:54 From Rinchen : transalted to 2311 20:20:54 From Raza Meer : it will work 20:21:15 From Raza Meer : ok 20:21:16 From ahmad rana : u have to define the port 20:21:17 From Deeptiranjan : you need to specify 2311 20:22:17 From Raza Meer : yes 20:22:18 From Rinchen : yes 20:22:21 From Deeptiranjan : can you show the xlate output for this 20:23:02 From Rinchen : since it's static 20:23:09 From Deeptiranjan : ok 20:23:22 From Zaheer Jahangir : can u please show the acl 20:23:53 From Zaheer Jahangir : ok sir 20:24:23 From aabid254 : first acl checked then nat 20:24:36 From aabid254 : ok 20:24:53 From Rinchen : private address 20:26:05 From Zaheer Jahangir : palo alto does acl check first it differs for onlt them 20:26:14 From Rinchen : yes 20:26:47 From Zaheer Jahangir : yes 20:27:49 From Deeptiranjan : but the traffic coming from outside ,will hit the interface first ,how nat check is happening first 20:28:19 From Deeptiranjan : ok 20:30:19 From Deeptiranjan : yes 20:32:51 From Rinchen : yes 20:32:52 From Deeptiranjan : ya 20:33:50 From Rinchen : yes 20:33:52 From Deeptiranjan : yes 20:34:57 From Deeptiranjan : low 20:35:00 From Rinchen : 192.168.1.3 20:35:07 From Zaheer Jahangir : local ip 20:35:40 From Deeptiranjan : yes 20:35:41 From Rinchen : yes 20:36:29 From Rinchen : 199.1.1.1 20:36:35 From Rinchen : 192.1.20.x 20:36:36 From Deeptiranjan : 192.1.20.x 20:36:58 From Deeptiranjan : outside 20:36:59 From Rinchen : outside 20:37:05 From Deeptiranjan : 2nd 20:37:05 From Rinchen : 2nds 20:37:12 From Rinchen : dest 20:38:11 From Rinchen : outside 20:38:19 From Rinchen : dmz 20:38:41 From Rinchen : dmz 20:38:42 From Raza Meer : dmz 20:38:48 From Rinchen : 1st 20:38:49 From Raza Meer : 1st 20:38:50 From Deeptiranjan : 1st 20:38:54 From Deeptiranjan : source 20:38:56 From Rinchen : src 20:38:56 From Raza Meer : src 20:39:05 From Rinchen : yes 20:39:05 From Deeptiranjan : yes 20:39:06 From Raza Meer : yes 20:39:28 From faisal : excellent explanation 20:39:33 From faisal : great 20:41:58 From Deeptiranjan : 192.168.1.X 20:42:05 From Rinchen : dest 20:42:08 From Deeptiranjan : destination 20:42:12 From faisal : 192.168.1.3 20:42:16 From Deeptiranjan : source 20:42:19 From Raza Meer : 199 20:42:19 From Ibrahim : sou 20:42:20 From Zaheer Jahangir : sourcce 20:42:25 From Raza Meer : source 20:42:28 From Raza Meer : 199.x.x. 20:42:30 From Deeptiranjan : 199.1.1.1 should be changed to 192.168.1.X 20:42:31 From Rinchen : outside 20:42:33 From Deeptiranjan : outside 20:42:34 From Ibrahim : out 20:42:35 From Zaheer Jahangir : outside 20:43:37 From Deeptiranjan : 192.168.1.79 20:44:32 From Rinchen : yes 20:45:18 From Rinchen : can we do dynamic destination NAT? 20:45:33 From Rinchen : ok 20:45:34 From Mahin : good 20:46:32 From Zaheer Jahangir : SERVICE? 20:48:28 From faisal : great 20:48:38 From Rinchen : yes 20:48:53 From Deeptiranjan : it was really an awesome explanation of NAT’s 20:49:52 From Deeptiranjan : both source and destination nat happens 20:50:34 From Deeptiranjan : yes 20:56:07 From Ibrahim : no 20:56:08 From faisal : very rare 20:56:13 From Deeptiranjan : very rarely 20:57:06 From Fahad : where de]o we do twice NAT. - Real life scenario? 20:57:31 From Fahad : rare 20:57:36 From Fahad : but where? 20:57:44 From ahmad rana : i have seen that when merging companies 20:58:18 From Fahad : okie 20:59:19 From Rinchen : what was the question? 20:59:31 From Raza Meer : 192.168.1.3 and 199.1.1.1 20:59:40 From Rinchen : 199.1.1.1 20:59:40 From faisal : 192.168.1.3(s)->192.1.20.11(s) 20:59:47 From Rinchen : 192.168.1.3 20:59:52 From Rinchen : 192.168.1.79 21:00:24 From faisal : 192.168.1.79(d)->199.1.1.1(d) 21:02:18 From Rinchen : src IP 192.168.1.3 21:02:23 From Rinchen : dest IP 199.1.1.1 21:02:39 From Rinchen : oh 21:03:33 From Deeptiranjan : yes 21:04:19 From faisal : H199-d 21:04:21 From Rinchen : h199-d 21:06:38 From faisal : very nice 21:09:47 From Mahin : good 21:09:50 From Rinchen : yes 21:09:56 From Manik Sudhera : yes 21:10:07 From faisal : very very nice explanation 21:10:35 From Manik Sudhera : ok sir 21:10:37 From Manik Sudhera : good 21:11:02 From ahmad rana : my buffers are overloaded Sir…lol 21:11:10 From ahmad rana : great stuff though 21:11:20 From Manik Sudhera : great topic today 21:11:26 From mostapha : thanks 21:11:33 From omprakash : thx sir 21:11:36 From Zaheer Jahangir : sir one question...consufion...in static PAT what about the return traffic here 21:11:58 From Zaheer Jahangir : ok sir 21:12:18 From Santhosh : nope 21:12:25 From mostapha : my name 21:12:28 From Manik Sudhera : ok 21:12:38 From mostapha : yes 21:13:00 From Oscar Ramirez : Could you please include the physical topology on your email? 21:13:08 From Ibrahim : khasse71@gmail.com 21:13:18 From Oscar Ramirez : ok thanks 21:15:34 From Manik Sudhera : thanks sir 21:15:53 From mostapha : can u share prevous record plz 21:15:56 From Santhosh : got it thanks 21:16:00 From mostapha : ok 21:16:02 From Oscar Ramirez : Got it! 21:16:02 From mostapha : thanks 21:16:03 From faisal : yes got it 21:16:06 From Raza Meer : thanks 21:16:08 From Zaheer Jahangir : sir please send the link of todays video 21:16:12 From Zaheer Jahangir : due to lag issue 21:16:15 From Manik Sudhera : share recording today sir 21:16:16 From Zaheer Jahangir : sure sir 21:16:25 From Zaheer Jahangir : ok 21:16:32 From Manik Sudhera : maniksudhera2010@gmail.com 21:16:44 From Manik Sudhera : ok sir 21:16:47 From Manik Sudhera : already sended 21:16:50 From Prithvi : thank you sir.. see you soon 21:16:51 From Manik Sudhera : thanks sir 21:16:52 From ahmad rana : TC 21:16:54 From Manik Sudhera : take care 21:16:54 From Manik Sudhera : sir