Permitting Additional Access Through the Firewall
The permissions allowing traffic sourced on higher-security interfaces and being routed through egress interfaces with lower security levels are allowed by default, and the stateful nature of the ASA dynamically allows the return traffic. If you want to apply ACLs either to filter what the inside users can initiate or to permit access that allows users on the outside to reach our DMZ resources, you can use a packet-filtering ACL. To apply an ACL, navigate to Configuration > Firewall > Access Rules. By default, the policy on the inside and DMZ interfaces (because they are not at security level 0) is to allow traffic sourced by devices on those interfaces to be forwarded to less-secure networks. ...
Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.