topic Re: How to inspect inbound traffic using Firepower in Network Security https://community.cisco.com/t5/network-security/how-to-inspect-inbound-traffic-using-firepower/m-p/4299222#M1078896 <P>You could have a specific ACP rule allowing the traffic from outside to inside zone on a specific port and application.</P> <P>&nbsp;</P> <P>Section "Modify access control policy to allow outside access " for your reference<BR /><A href="https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf" target="_blank">https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf</A></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Thank you,</P> <P>Dinesh Moudgil</P> <P>&nbsp;</P> <P>P.S. Please rate helpful posts.</P> Mon, 01 Mar 2021 08:31:09 GMT Dinesh Moudgil 2021-03-01T08:31:09Z How to inspect inbound traffic using Firepower https://community.cisco.com/t5/network-security/how-to-inspect-inbound-traffic-using-firepower/m-p/4299220#M1078895 <P>Our current setup using ASA and Firepower</P><P>&nbsp;</P><P>Inside : 20.20.20.0/24</P><P>Outside : x.x.x.x</P><P>&nbsp;</P><P>My access control policy is such that it inspects 'Inside' to 'Outside', where 'Inside' is Firewall trusted interface, and 'Outside' is Outside interface.</P><P>&nbsp;</P><P>I understand all packets outbound are inspected, but what if I have an FTP server on the inside that is accessible from internet? How can I inspect this inbound traffic knowing the FTP allows data copy from internet.</P> Mon, 01 Mar 2021 08:24:36 GMT https://community.cisco.com/t5/network-security/how-to-inspect-inbound-traffic-using-firepower/m-p/4299220#M1078895 Brad_Shawh 2021-03-01T08:24:36Z Re: How to inspect inbound traffic using Firepower https://community.cisco.com/t5/network-security/how-to-inspect-inbound-traffic-using-firepower/m-p/4299222#M1078896 <P>You could have a specific ACP rule allowing the traffic from outside to inside zone on a specific port and application.</P> <P>&nbsp;</P> <P>Section "Modify access control policy to allow outside access " for your reference<BR /><A href="https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf" target="_blank">https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf</A></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Thank you,</P> <P>Dinesh Moudgil</P> <P>&nbsp;</P> <P>P.S. Please rate helpful posts.</P> Mon, 01 Mar 2021 08:31:09 GMT https://community.cisco.com/t5/network-security/how-to-inspect-inbound-traffic-using-firepower/m-p/4299222#M1078896 Dinesh Moudgil 2021-03-01T08:31:09Z