Solved

ASA:  Rule Application

Posted on 2007-03-21
Last Modified: 2010-04-12
Hello Experts,

New to Cisco ASA appliances and I am wondering, when you are in the Security Policy window and you see the interfaces listed and under each interface are from what it seems are rules that apply to the interface.  Are the rules applied as packets enter the interface?  Can someone provide an overview as to how these apply to the interface?

As always, thank you in advance for your time on this matter.
Question by:coperator
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
ID: 18763288
You are correct in your statement that the rules listed under each interface apply to that interface.  You can apply two sets of rules to each interface...one in an inbound direction and one in an outbound direction.  In the ASDM, the direction of the rule application is listed under the column "Rule Applied to Traffic"...it will say either "incoming" or "outgoing".  If it says "incoming" for a particular rule then that rule is applied to packets as they enter that interface.  If it says "outgoing" for a particular rule then that rule is applied to packets as they exit the interface, meaning other functions such as NAT have already taken place before the rule is applied.
0
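
The CLI form of the two rule directions described in the accepted answer, as an added example that is not part of the original thread. The interface name `outside`, the ACL names, and the address 192.0.2.10 are constructed for illustration.

```cisco
! Constructed example: interface name, ACL names and addresses are assumptions.
!
! Rules that ASDM lists as "incoming" on the outside interface:
! evaluated as packets enter that interface.
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443
access-list OUTSIDE_IN extended deny ip any any log
access-group OUTSIDE_IN in interface outside
!
! Rules that ASDM lists as "outgoing" on the same interface:
! evaluated as packets exit that interface.
access-list OUTSIDE_OUT extended permit tcp any any eq 443
access-list OUTSIDE_OUT extended deny ip any any log
access-group OUTSIDE_OUT out interface outside
!
! From privileged EXEC mode, confirm which ACL is bound to which
! interface and direction, then check per-rule hit counts.
show running-config access-group
show access-list OUTSIDE_IN
```

Each interface accepts one access list per direction, so a second `access-group ... in interface outside` replaces the first binding instead of adding to it.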
