Solved

ASA:  Rule Application

Posted on 2007-03-21
1
281 Views
Last Modified: 2010-04-12
Hello Experts,

New to Cisco ASA appliancs and I am wondering, when you are in the Security Policy window and you see the interfaces listed and under each interface are from what it seems are rules that apply to the interface.  Are the rules applied as packets enter the interface?  Can someone provide an overview as to how these applies to the interface?

As always, thank you in advance for your time on this matter.
0
Comment
Question by:coperator
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
ID: 18763288
You are correct in your statement that the rules listed under each interface apply to that interface.  You can apply two sets of rules to each interface...one in an inbound direction and one in an outbound direction.  In the ASDM, the direction of the rule application is listed under the column "Rule Appled to Traffic"...it will say either "incoming" or "outgoing".  If it says "incoming" for a particular rule then that rule is applied to packets as they enter that interface.  If it says "outgoing" for a particular rule then that rule is applied to packets as they exit the interface, meaning other functions such as NAT have already taken place before the rule is applied.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
Read about achieving the basic levels of HRIS security in the workplace.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question