topic Re: Quick question re Access-lists Outside & Inside in Network Security https://community.cisco.com/t5/network-security/quick-question-re-access-lists-outside-inside/m-p/1244304#M840860 <HTML><HEAD></HEAD><BODY><P>Short answer: No you don't</P><P></P><P>Long answer: Cisco ASA firewalls are stateful, therefore when a connection is built in 1 direction, the other direction is automatically allowed. Also, a connection iniating from inside (high security interface) to outside (low security) is automatically allowed through so long as an accompanying NAT rule is in place.</P><P></P><P>Hope this helps <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Please rate posts if they help you.</P></BODY></HTML> Fri, 22 May 2009 09:19:32 GMT handsy 2009-05-22T09:19:32Z Quick question re Access-lists Outside & Inside https://community.cisco.com/t5/network-security/quick-question-re-access-lists-outside-inside/m-p/1244303#M840859 <P>New to networking so just need someone to confirm this please regarding ASA firwall. If I have created an access-list on the outside interface which allows an outside device to to create a connection to a specific ip address and port on the inside do I also need to create an entry on the inside interface access-list to allow the return traffic?</P><P></P><P>Many Thanks</P><P>Darren</P> Mon, 11 Mar 2019 15:35:20 GMT https://community.cisco.com/t5/network-security/quick-question-re-access-lists-outside-inside/m-p/1244303#M840859 darrenriley5 2019-03-11T15:35:20Z Re: Quick question re Access-lists Outside & Inside https://community.cisco.com/t5/network-security/quick-question-re-access-lists-outside-inside/m-p/1244304#M840860 <HTML><HEAD></HEAD><BODY><P>Short answer: No you don't</P><P></P><P>Long answer: Cisco ASA firewalls are stateful, therefore when a connection is built in 1 direction, the other direction is automatically allowed. Also, a connection iniating from inside (high security interface) to outside (low security) is automatically allowed through so long as an accompanying NAT rule is in place.</P><P></P><P>Hope this helps <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Please rate posts if they help you.</P></BODY></HTML> Fri, 22 May 2009 09:19:32 GMT https://community.cisco.com/t5/network-security/quick-question-re-access-lists-outside-inside/m-p/1244304#M840860 handsy 2009-05-22T09:19:32Z