03-26-2015 08:19 AM - edited 03-11-2019 10:42 PM
Hi
Interface INSIDE set to 100
Interface OUTSIDE set to 0
Application using port 11024 TCP/UDP is not going out.
Do I need to create a separate NAT statement?
I thought all ports are open going from High to low
Regards
Stan
03-26-2015 11:50 AM
Hi,
As oer the security level configured on the ASA device , the traffic should be allowed by default if you don't have any access group configured on the Inside interface.
You can verify the configuration using Packet Tracer:-
https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer
Thanks and Regards,
Vibhor Amrodia
03-26-2015 12:00 PM
If your "OUTSIDE" interface is facing the Internet, then naturally you need a dynamic-nat in place.
IP address space between Inside to outside is routable, then you need a permit line on the inside ACL, assuming you have an ACL for control access on the inside access.
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: