Incoming and Outgoing Rules on ASA

Shao-Yu Chen · ‎04-04-2018

I have these two rules on the inside incoming rules

versus these two rules, one on inside incoming and another one on inside outgoing

What difference between the two pairs?

If I want to drop bi-directional access for an internal host, how should I do it? Should I have the following?

inside (incoming)

deny any to 222.186.59.89 ip,icmp

outside (incoming)

deny 222.186.59.89 any ip,icmp

The SourceFIRE has already been blocking the 222.186.59.89 to an internal IP for a malicious traffic. Should I proceed to drop the traffic on the ASA side? The only thing is that I do not see any hits on the many other rules that I have created on the ASA side. That is why I am opening this discussion for some inputs.

The SourceFIRE is a separate unit sitting behind the ASA. It is not integrated in our ASA 5585 appliance.

Thank you for your answers,

Shao

Incoming and Outgoing Rules on ASA

Detailed Incoming and Outgoing Calls

Re: Block incoming Calls based off of ANI. (incoming or originating ph

Access Policy Rules API is now available!

WEBEX Softphone - outgoing calls

ASA: Failover 構成時における ASA の Smart License の扱いについて