
How to inspect inbound traffic using Firepower

Brad_Shawh
Beginner

Our current setup using ASA and Firepower

 

Inside : 20.20.20.0/24

Outside : x.x.x.x

 

My access control policy is such that it inspects 'Inside' to 'Outside', where 'Inside' is the firewall's trusted interface and 'Outside' is the outside interface.

 

I understand all outbound packets are inspected, but what if I have an FTP server on the inside that is accessible from the internet? How can I inspect this inbound traffic, knowing that FTP allows data to be copied from the internet?

1 Reply

Dinesh Moudgil
Cisco Employee

You could have a specific ACP rule allowing the traffic from outside to inside zone on a specific port and application.

 

Section "Modify access control policy to allow outside access" for your reference:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/LTRSEC-2101-LG.pdf

 

 

Thank you,

Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/