07-09-2020 02:02 AM
Hello
We are on ASA 9.8
We have a requirement to allow all Microsoft updates through ASA.
How can this be achieved? Thank you.
07-09-2020 02:47 AM
By default outbound traffic isn't blocked and outside traffic that's returning as part of a connection that was established from inside is allowed.
So, unless you're restricting outbound traffic, nothing needs to be done.
07-09-2020 04:35 AM
Thank you.
Yes, we are restricting traffic from inside and want updates from Microsoft to be allowed.
07-09-2020 04:40 AM
You cannot do the wildcard in ASA ACLs with FQDN objects:
https://community.cisco.com/t5/network-security/asa-wildcard-fqdn-object-acl/m-p/3062315
So you would need to specify FQDNs of Microsoft domains without using wildcards.
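A sketch of the approach described in the answer above, added here as an example and not taken from the thread or from Cisco documentation: each Microsoft hostname is defined as its own FQDN network object (no wildcards), grouped, and permitted in the inside ACL. The interface names, the DNS server address 192.0.2.53, the object and ACL names, and the three hostnames are assumptions chosen for illustration; the hostname list is not a complete set of Microsoft update endpoints.

```cisco
! FQDN objects only work if the ASA itself can resolve names
dns domain-lookup outside
dns server-group DefaultDNS
 name-server 192.0.2.53
!
! One object per exact hostname; "*.windowsupdate.com" is not accepted
object network MS-UPD-1
 fqdn v4 windowsupdate.microsoft.com
object network MS-UPD-2
 fqdn v4 update.microsoft.com
object network MS-UPD-3
 fqdn v4 download.windowsupdate.com
!
object-group network MS-UPDATES
 network-object object MS-UPD-1
 network-object object MS-UPD-2
 network-object object MS-UPD-3
!
! Permit only HTTP/HTTPS from inside hosts to the resolved addresses
access-list INSIDE-IN extended permit tcp any object-group MS-UPDATES eq www
access-list INSIDE-IN extended permit tcp any object-group MS-UPDATES eq https
!
! Existing restrictive rules for other outbound traffic follow here
access-group INSIDE-IN in interface inside
```

The ASA matches on the addresses it resolved itself, so inside clients should use the same DNS server as the ASA; otherwise CDN-hosted names can resolve to addresses the ACL does not contain. `show dns` lists what each FQDN object currently resolves to.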
07-09-2020 07:40 AM
Thank you, I'll use Firepower!