https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919885#M437121 <HTML><HEAD></HEAD><BODY><P>1. With the new interfaces you created, you would also need to assign the access rule to the interface:</P><P>access-group <ACL-NAME> in interface <INTERFACE-NAME></INTERFACE-NAME></ACL-NAME></P><P></P><P>2. Each interface should really have unique rules that correspond to that particular interface, instead of having 1 same rule set to all interfaces. How does your current configuration look like?</P></BODY></HTML> Sun, 13 May 2012 08:00:31 GMT Jennifer Halim 2012-05-13T08:00:31Z https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919884#M437120 <P style="text-align: left;">am trying to config a FWSM by ASDM 6.2f.</P><P style="text-align: left;">there are formerly configured interfaces and new interfaces i created.</P><P style="text-align: left;">when i add a new access rule it gets added only to all the old interfaces but not to the new ones i created.</P><P></P><P style="text-align: left;">1. what wrong with the new interfces i created?</P><P style="text-align: left;">2. whats the logic of auto adding a rule to "all" interfaces , the rules are incoming rules&nbsp; specific to interfaces or groups , why add the to the rule to&nbsp; "all" intefaces?.</P> Mon, 11 Mar 2019 23:06:08 GMT https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919884#M437120 Jacob Berger 2019-03-11T23:06:08Z https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919885#M437121 <HTML><HEAD></HEAD><BODY><P>1. With the new interfaces you created, you would also need to assign the access rule to the interface:</P><P>access-group <ACL-NAME> in interface <INTERFACE-NAME></INTERFACE-NAME></ACL-NAME></P><P></P><P>2. Each interface should really have unique rules that correspond to that particular interface, instead of having 1 same rule set to all interfaces. How does your current configuration look like?</P></BODY></HTML> Sun, 13 May 2012 08:00:31 GMT https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919885#M437121 Jennifer Halim 2012-05-13T08:00:31Z https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919886#M437122 <HTML><HEAD></HEAD><BODY><P> hi jennifer</P><P></P><P>1. i have some 20 interfaces(vlans) when i add a new incoming&nbsp; rule to a old interface ( not one i created) it gets added automaticlly to all the old interfaces but not to the new ones.</P><P></P><P>2.&nbsp; my config:</P><P></P><P>i see all the interfaces with identical rules under them</P><P>as i stated above, no matter under which interface i create the rule , it gets duplicated under&nbsp; the other interfaces ( only the old ones)</P><P></P><P>i am new to ASDM with vlans so im not sure how thing should be working</P><P></P><P></P><P>thanks</P></BODY></HTML> Sun, 13 May 2012 11:24:27 GMT https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919886#M437122 Jacob Berger 2012-05-13T11:24:27Z https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919887#M437123 <HTML><HEAD></HEAD><BODY><P>1. In that case, as stated on your point number 2 that you have the same rule applied to all the interfaces. Hence when you create a rule it gets added to all interfaces.</P><P></P><P>2. Two steps to configure access rules and apply to interface:</P><P>Step 1: configure the access rules</P><P>Step 2: apply it to the interface (this only needs to be applied once, so if you create a new interface, you would need to apply the access rules to the new interface).</P><P></P><P>Each interface can have different access rule name:</P><P>Example:</P><P>access-list acl-inside permit tcp any any eq 80</P><P>access-list acl-inside permit tcp any any eq 443</P><P>access-group acl-inside in interface inside</P><P></P><P>access-list acl-outside permit tcp any host 1.1.1.1 eq 80</P><P>access-group acl-outside in interface outside</P><P></P><P>Hope that answers your question.</P></BODY></HTML> Sun, 13 May 2012 11:36:30 GMT https://community.cisco.com/t5/network-security/understanding-access-rules/m-p/1919887#M437123 Jennifer Halim 2012-05-13T11:36:30Z