I’m new to the Cisco ASA stuff and I just wanted some clarification on this matter.
If you can define a NAT, what is the point in an ACL?
1. Is it for you to allow more control over NAT? Let’s say you wanted to block HTTPS on a certain web server, would the ACL be the place to do it?
2. Instead of opening the whole range of protocols in NAT, does an ACL give you the option to define what protocols should be open for that IP?
3. Does it allow you to define what source IP is allowed to access what protocol and ports?
So basically is an ACL for more “tweaking” what protocols and ports are open on a defined NAT?
I’m also under the assumption you can use an ACL for an interface to define a group of IPs or networks.
Am I close or am I way off on my thinking? Thanks in advance.