Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1406
Views
0
Helpful
2
Replies

Firepower Bidirection of AC rules

StefanStankovic2195
Level 1
Level 1

‎11-08-2020 12:32 PM

Hi Everyone,

Can somebody clarify my if I put access control rule in AC policy in firepower that allow traffic from A to B does it automatically permit traffic from B to A? I mean, do I need a new rule that will allow opposite direction?

for example, let's have a rule that allow 192.168.1.0/24 network to 192.168.2.0/24. 

If i try to ping from .2.0 to .1.0 will it be allowed?

Best regards,
Stefan

Labels:
0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎11-08-2020 12:38 PM

Hi @StefanStankovic2195 

If you permit traffic from A to B and A initiates the communication, the return traffic from B will be permitted. You would need a rule from B to A if B initiates the communication.

 

HTH

0 Helpful

Marius Gunnerud
VIP
VIP

‎11-08-2020 02:20 PM

The return traffic will be allowed.  However, if you ping you need to make sure that icmp inspect command is present in the policy-map configuration or the return traffic will not be allowed.  TCP will be "inspected" and allowed.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card