Shen

asked on

ASA 5505 ASDM Firewall Access Rules

I am trying to add a firewall ACL that will deny any traffic from the inside networks to the outside (no internet browsing).

Under Configuration > Firewall > Access Rules: inside (3 incoming rules), IPv4, I added:

source    destination    service      action
any       outside        tcp\http     deny
any       outside        tcp\https    deny
any       any            ip           permit

However, after I put these rules in, I can still go to the internet.
Shen

ASKER

I changed the destination to "any" and it seems to be working now. Don't understand it too well. To me, "outside" should be the destination, not "any". But it works with "any". I don't know if you do anything in the IPv6 section.
ASKER CERTIFIED SOLUTION
btan

This solution is only available to members.
Shen

ASKER

Thank you for the article. It is very informative.

My concern was defining the correct destination for the ACLs. At first, I thought it would be "outside" for the internet. This did not work. Then I changed the destination to "any" and it worked.
Shen

ASKER

I've requested that this question be closed as follows:

Accepted answer: 0 points for Rickgov's comment #a40424409

for the following reason:

Thank you