Case Study: CBAC on a Router Configured with NAT

This section covers a case study showing how CBAC is implemented in a real-world situation. This case study is used to further delineate some of the ideas explored in this chapter.

CBAC on a router configured with NAT is one of the most common CBAC setups. One of the important issues to realize in a NAT setup is that for traffic entering the router's public interface, such as coming from the Internet, the packets are first processed through the access list applied to the interface, and then denatting occurs. This is why the incoming access list is opened for the PAT pool addresses of the machines sitting on the private network behind the router. Table 9-2 outlines the general order of operation ...

Get Network Security Principles and Practices now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.