How to inspect inbound traffic using Firepower

Brad_Shawh
Level 1

Our current setup using ASA and Firepower:

Inside : 20.20.20.0/24

Outside : x.x.x.x

My access control policy is such that it inspects 'Inside' to 'Outside', where 'Inside' is the firewall's trusted interface and 'Outside' is the outside interface.

I understand all outbound packets are inspected, but what if I have an FTP server on the inside that is accessible from the internet? How can I inspect this inbound traffic, knowing the FTP allows data copy from the internet?

1 Reply

Dinesh Moudgil
Cisco Employee

You could have a specific ACP rule allowing the traffic from outside to inside zone on a specific port and application.

Section "Modify access control policy to allow outside access" for your reference:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf

Thank you,

Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/