We are in the process of setting up Cisco ASA and are migrating from a previous FW.
In the old FW, we have for example
source >>>> Dest >>>> Service
Ext coy >>> Office >>> Service
whereby source is the external company initiating connection into dest (our office) for some service, and once set like this, only the external company can initiate communication. This worked fine.
Now on the ASA.
We have a reversal of the above, in that the external company is now under the destination column and our office is under the source column:
source >>>> Dest >>>> Service
Office >>> Ext Coy >>> Service
and this is working also. The consultant has now come back to say that the way it was done on the old FW is wrong and I really do not agree. But I will appreciate your opinion.
My thinking is that we have the connection type - Bidirectional in use and that is why the rule in the Cisco ASA is working.
Question 2: If we were to change this to originate, following the directed objective for the external coy to initiate connection, will they lose connection?