Dear All,

I set some rule on ASA 5512 Ver9.5(2) by ASDM ver 7.5(2) and find some problem.

When I remove "access-list WAN1_to_inside extended permit ip any any", I can't connect ERPServer WHY ?

object network ERPServer
  host 192.168.1.250

object network NETWORK_OBJ_192.168.1.0_24
  subnet 192.168.1.0 255.255.255.0

object service 12322
  service tcp source eq 12322

object network WAN1_Inside_Network
  subnet 192.168.1.0 255.255.255.0
  description for inside to outside use WTT

object service 12443
  service tcp source eq 12443

object service 443
  service tcp source eq https

access-list Local_Network standard permit 192.168.1.0 255.255.255.0
access-list WAN1_to_inside extended permit object 12322 any object ERPServer inactive
access-list WAN1_to_inside extended permit object 12443 any object ERPServer inactive
access-list WAN1_to_inside extended permit ip any any
access-list inside_to_outside extended permit ip any any

pager lines 24
logging enable
logging asdm informational
mtu WAN1 1500
mtu WAN2 1500
mtu inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-752.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected

nat (inside,WAN1) source static ERPServer interface service 22 12322 inactive
nat (inside,WAN1) source static ERPServer interface service 443 12443 inactive