I am facing difficulty implementing an access rule in ASASM. The rule does not catch traffic. If I permit ip any to any, it allows the traffic.
I have attached the packet trace. The first rule below is my more specific rule.
Also, the items in the two packet traces are different.
- access-list outside_access_in extended permit ip object-group NET_ALL-DAB-DEPT object SVR_QestionBank
- access-list outside_access_in extended permit ip any any
We are not using any NAT.
Key configurations are:
1) security ACL
2) TCP state bypass for some subnets
Any idea what could be the reason?