Re: access-list, build connections - order of ops?
Hi, I believe the problem is your ACL and the interface you are applying it under. You want to block outbound traffic on port 60831 from being accessed by host 10.40.5.62, is this correct? Your current ACL is blocking inbound traffic on that UDP port; is this what you want to accomplish?
Your access list should be your local host, not the public NAT address, as NAT order of operation from in to out looks for ACL, local address, NAT, routing, etc., so your ACL should look like this if you are denying outbound.
This will block source UDP port 60381 on 10.40.5.62 to any host outside on UDP port 60381.