• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 874
  • Last Modified:

ASA 5510 Replacing Implicit Rule on Inside Interface

Currently we have the default implicit rule on the inside interface: any -> any less secure.  I would like to start locking down the inside interface and want to do it VLAN by VLAN on our network.

If replacing the "any less secure" with an "any -> any IP" the same thing?  I was thinking I put that in first to keep the same flow, and then start slowly adding in the more restrictive rules above it.
0
AllDaySentry
Asked:
AllDaySentry
1 Solution
 
Cyclops3590Commented:
yes, just create an acl and apply it to interface.

you can start with the following that is the rough equivalent

access-list inside-in permit ip any any
access-group inside-in in interface inside
0
 
AllDaySentryAuthor Commented:
Thanks.

I did it through the ASDM which used:

access-list inside_access_in line 1 extended permit ip any any
access-group inside_access_in in interface inside
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now