So I am working on a CBAC to ZBF conversion and am running into a couple of questions. When converting to a ZBF, does the need for ACL's on the interface go away? I have the following configuration and can't seem to get any stats genrerated when I do a "sh policy-map type inspect zone-pair"
Can someone see if I am missing anything? The ACL I have applied to the incoming traffic on the OUTSIDE interface is dropping the traffic I need to come through. Does ZBF work differently with the ACL's? It does begin to work when I remove the ACL from the interface but when I run the "sh policy-map type inspect zone-pair", I am still not getting any traffic generated in the inspection.
I have attached the relevant config and the output from a Show Policy-Firewall Config command.
Any help on this would be much appreciated. Just wondering if someone can see something I am missing on this.
Thanks in advance,