troubleshooting Question

ASA Question?

Avatar of Hemil Aquino
Hemil AquinoFlag for United States of America asked on
Hardware Firewalls* ASA5505CiscoSecurity
3 Comments1 Solution134 ViewsLast Modified:
Howdy folks,

I have a question in regards the ASA 5505. I totally understand the concept from higher to lower level, but I noticed something interesting while I was doing something at work today. Traffic from my inside could see my web server located in my DMZ via local IP address. For example source local IP (MyPC 192.168.1.50) was able to establish tcp session towards my Apache server addressed to 192.168.50.50.  I thought once you've created level of security none of them interface should communicate unless you have an access-rule such as NAT or ACCESS-LIST in placed. Please let me know if im wrong.

 Also, I have no routing nor access-list, just basic simple configuration, I just noticed it after mistakenly typed an IP address.

INSIDE 100
OUTSIDE 0
DMZ 50

Thanks you!
ASKER CERTIFIED SOLUTION
Soulja
Sr.Net.Eng
Join our community to see this answer!
Unlock 1 Answer and 3 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros