Hi All,

I just need to clarify a few simple rule to clear my doubts off.

Apparently i have a outside, inside and DMZ interface.

dmz-server = 172.16.10.10

inside-server = 192.168.1.254'

I just need 2 simple rule.

1. DMZ-server to access inside-server IP only, and deny anything else Inside

2. DMZ-Server to access internet

1. access-list dmz_access_in line 1 extended permit ip object DMZ-Server object INSIDE-SERVER

2. access-list dmz_access_in line 2 extended permit ip object DMZ-Server any

My objective is for DMZ-server to access to only 192.168.1.254, deny to all other inside IP.

Is my above ACL correct? To me, the above 2. ACL seems like overwriting the above rule.

Or am i missing out a DENY rule? if so which order should they be

Please advise.