Hi All,
As the subject suggests I have been set the task of exporting a config to a new device. The new device will have the outside interface assigned by the service provider. The current ASA has the following in the config
access-list non-priority-traffic extended deny ip host 10.10.10.10 host 20.20.20.20
access-list non-priority-traffic extended deny ip host 10.10.10.10 host 20.20.20.20
access-list non-priority-traffic extended deny ip host 20.20.20.20 host 10.10.10.10
access-list non-priority-traffic extended deny ip host 20.20.20.20 host 10.10.10.10
if the host 10.10.10.10 is the actual ip address of the outside interface can I just replace it with the following - given that I wont know the dynamically assigned ip of the new ASA?
access-list non-priority-traffic extended deny ip interface outside host 20.20.20.20
access-list non-priority-traffic extended deny ip interface outside host 20.20.20.20
access-list non-priority-traffic extended deny ip host 20.20.20.20interface outside
access-list non-priority-traffic extended deny ip host 20.20.20.20interface outside
many thanks