If I have these configured:
___static (inside,outside) 184.108.40.206 10.40.5.62 netmask 255.255.255.255 0 0
___access-group acl_outside in interface outside
___access-list acl_outside line 5 deny udp any host 220.127.116.11 eq 60381 (hitcnt=1238)
why do I have this in the xlate table:
___UDP out 18.104.22.168:9156 in 10.40.5.62:60381 idle 0:46:27 flags -
Are connections built BEFORE access-lists are checked?
I'd kind of like to know if I've prevented that one host from producing as much as 2/3 of our total organization traffic... I would have thought there would be no connection if I'd done things right.