cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1095
Views
0
Helpful
3
Replies

ACL: Use of private inside IPs in the Internet facing ACL

kent.plummer
Level 1
Level 1

I have not yet caught up to speed on ASA 8.3 changes and came across the below working ACL on an ASA running 8.3.  The ACL is applied inbound to an Internet facing publicly addressed interface.  At this point the destination IP in the packet will not be 192.168.0.41 but the ASA outside public IP.  My understanding was that ACL's were processed firstly then NAT.  The fact that this rule works implies things have changed?

access-list OUTSIDE_ACCESS_IN extended permit tcp any host 192.168.0.41 eq 54321

Regards,

Kent.

1 Accepted Solution

Accepted Solutions