Hello My question is more theoretical than practical. I try to study content of CCNA/CCNP Security certification on my own and I don't get one thing regarding the ASA and Modular Policy Framework. I saw one CCNP CBT nugget video when guy showed us in ASDM basic ASA MPF settings with default class maps, policy maps and etc.. And there was not HTTP included in the list of the protocols to be inspected in default policy map but he could reach the web site on the Internet from the PC which was connected to the INSIDE interface of that ASA. Connection to the Internet was from the OUTSIDE of course. I would say that this wouldn't work as this traffic initiated from the INSIDE wasn't inspected and therefore the reply from the webserver wouldn't be allowed and denied on the OUTSIDE interface. Correct me if I am wrong. The he tried to ping 18.104.22.168 from the INSIDE but it didn't work and he explained like the ICMP was not inspected and therefore the echo-reply message was not allowed on the OUTSIDE interface. What am I missing please?
... View more