Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1399
Views
0
Helpful
0
Replies

Incoming and Outgoing Rules on ASA

Shao-Yu Chen
Level 1
Level 1

‎04-04-2018 10:04 AM - edited ‎02-21-2020 10:52 AM

I have these two rules on the inside incoming rules

picture1.png

versus these two rules, one on inside incoming and another one on inside outgoing

picture2.png

What difference between the two pairs?

If I want to drop bi-directional access for an internal host, how should I do it? Should I have the following?

inside (incoming)

deny any to 222.186.59.89 ip,icmp

outside (incoming)

deny 222.186.59.89 any ip,icmp

 

The SourceFIRE has already been blocking the 222.186.59.89 to an internal IP for a malicious traffic. Should I proceed to drop the traffic on the ASA side? The only thing is that I do not see any hits on the many other rules that I have created on the ASA side. That is why I am opening this discussion for some inputs.

The SourceFIRE is a separate unit sitting behind the ASA. It is not integrated in our ASA 5585 appliance.

 

Thank you for your answers,

 

Shao

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents