01-04-2022 12:02 AM
I have the Firepower 1120. I configured my device for access to the internet from the DMZ zone and for access to my web server, but with default action allow. When I set the default action to BLOCK and create NAT (manual for access from the DMZ zone to the internet, and automatic NAT for access to my web server), nothing works. What must I do so that my firewall works when the default action is set to BLOCK?
01-04-2022 12:06 AM
@gogi99 You have to explicitly permit the traffic in order to match before the default action of deny.
Provide screenshots of your ACP rules when it does not work. FYI - the ACP rule uses the real IP address not the NAT address.
01-04-2022 12:59 AM
I don't have a screenshot because I configured my device, where my access rules do not have zones. I just use networks or hosts. The specific rules are on top, the common rules are on the bottom.