Showing results for 
Search instead for 
Did you mean: 

How to inspect inbound traffic using Firepower

Level 1
Level 1

Our current setup using ASA and Firepower


Inside :

Outside : x.x.x.x


My access control policy is such that it inspects 'Inside' to 'Outside', where 'Inside' is Firewall trusted interface, and 'Outside' is Outside interface.


I understand all packets outbound are inspected, but what if I have an FTP server on the inside that is accessible from internet? How can I inspect this inbound traffic knowing the FTP allows data copy from internet.

1 Reply 1

Dinesh Moudgil
Cisco Employee
Cisco Employee

You could have a specific ACP rule allowing the traffic from outside to inside zone on a specific port and application.


Section "Modify access control policy to allow outside access " for your reference



Thank you,

Dinesh Moudgil


P.S. Please rate helpful posts.

Cisco Network Security Channel -
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card