Hi, we have been using ASA for the last one year and it's working fine. Now, can I block the inside machines? That is, 2 machines are available in the inside zone, and I want the first machine to be unable to access or communicate with the second machine. Is it possible, because the traffic won't pass through the firewall when both communicate? Thanks
If both machines are in 'same subnet', then both will communicate 'directly' and will never reach the firewall. You have the following options:
> Change the switch
> Change the network design
> Play around with some routes/proxy-arp
> NAT one of the machines on the firewall etc.
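
The forwarding decision behind the answer above, as an added example that is not part of the original thread: each host compares the destination with its own interface subnet and only hands the packet to its default gateway when the destination is off-link. The addresses are constructed, and the default gateway is assumed to be the ASA inside interface.

```python
import ipaddress

def next_hop(src_iface: str, dst_ip: str) -> str:
    """Mimic a host's forwarding decision.

    src_iface is the sender's address with its mask, e.g. "192.168.10.11/24".
    On-link destinations are resolved with ARP and reached directly over the
    switch; anything else is sent to the default gateway (assumed here to be
    the ASA inside interface).
    """
    iface = ipaddress.ip_interface(src_iface)
    return "direct" if ipaddress.ip_address(dst_ip) in iface.network else "gateway"

def paths(a_iface: str, b_iface: str) -> dict:
    """Return the path taken in each direction between two hosts."""
    a = ipaddress.ip_interface(a_iface)
    b = ipaddress.ip_interface(b_iface)
    return {
        "a_to_b": next_hop(a_iface, str(b.ip)),
        "b_to_a": next_hop(b_iface, str(a.ip)),
    }

def firewall_can_enforce(a_iface: str, b_iface: str) -> bool:
    """The firewall can only filter a flow it sees in both directions."""
    return set(paths(a_iface, b_iface).values()) == {"gateway"}

# Constructed sample inventory (not from the thread).
CASES = {
    "same subnet":      ("192.168.10.11/24", "192.168.10.12/24"),
    "separate subnets": ("192.168.10.11/24", "192.168.20.12/24"),
    # Mismatched masks: one side thinks the peer is off-link, the other does not.
    "mismatched masks": ("192.168.10.11/25", "192.168.10.200/24"),
}

def report() -> dict:
    """Summarise, per case, the paths and whether firewall policy can apply."""
    return {
        name: (paths(a, b), firewall_can_enforce(a, b))
        for name, (a, b) in CASES.items()
    }

if __name__ == "__main__":
    for name, (p, ok) in report().items():
        print(f"{name:17} {p}  firewall can enforce: {ok}")
```

Only the "separate subnets" case puts the firewall in the path for both directions; the mismatched-mask case shows why a mask change on one host alone does not give the firewall a complete flow to filter.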