Cisco ASA information needed

Posted on 2014-01-26
Last Modified: 2014-02-04
How can  you permit traffic to specific host  on another interface  if you have configured deny all traffic from one  interface to another   meaning between two  network /24 .

 Is it necessary to setup an except rule  between two interfaces?
Question by:renegadecy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 51

Expert Comment

ID: 39810179
I would think a permit rule for that requirement could be created and placed immediately above the deny.

Author Comment

ID: 39810313
have done that and it doent work...
LVL 51

Expert Comment

ID: 39810364
If you remove the deny, and only have that rule does it work?
Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations


Author Comment

ID: 39810530
due to security policy I cannot remove the deny
LVL 51

Expert Comment

ID: 39810747
It's implicitly denied.

Accepted Solution

amatson78 earned 500 total points
ID: 39810791
What level is the allow, meaning on the ACL is it higher then any of the denys? What do the logs show on the ASA when you create the rule and test it. It should give a reason denied. Also is their routes/NATs setup for the two subnets to talk?

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question