
ASA access rule issue

Hirak Debnath
Level 1

I am facing difficulty implementing an access rule in ASASM. The rule does not catch traffic. If I permit ip any to any, it allows the traffic.

I have attached the packet trace. The first rule below is my more specific rule.

Also, the items in the two packet traces are different.

  1. access-list outside_access_in extended permit ip object-group NET_ALL-DAB-DEPT object SVR_QestionBank
  2. access-list outside_access_in extended permit ip any any

We are not using any NAT.

Key configurations are:

1) security ACL

2) TCP state bypass for some subnets

Any idea what could be the reason?


Dennis Mink
VIP Alumni

Can you please add the full config so this can be analysed?

Please remember to rate useful posts, by clicking on the stars below.
