Hello,
Currently, we allow /24 into our DMZ as follow:
...
access-group dmz_access_in in interface dmz
route outside 0.0.0.0 0.0.0.0 a.b.c.d 1
route inside x.y.z.0 255.255.255.0 1.2.3.4 1 <----- Extended x.y.z.0
...
Now, if we need to extended the /24 to a bigger scope ( range of 15 class C networks ) : can I just re-used the static route or should I use a ACL to allow traffic ? any potential gotcha ?
TIA,
Loc
This is on a ASA5585