Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
661
Views
0
Helpful
3
Replies

ASDM 6.2 GUI question

Go to solution
Jacob Berger
Level 2
Level 2

‎07-19-2012 01:36 PM - edited ‎03-11-2019 04:32 PM

im a newbie so be easy on me....

i connected to a asa 5510 at work

i checked the GUI of creating access rules

i see that by default all rules are created as incoming and only by choosing "more options" a outgoing rule can be set.

is there any reason for this? why is this option "hidden" ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Jacob Berger

‎07-20-2012 02:55 AM

You can configure 10 different ACL incoming to each user vlan interface, or you can create 1 ACL outgoing on server vlan.

Either way is fine, typically you would see which is the least number of line of ACL and apply it accordingly.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎07-20-2012 01:00 AM

Incoming is the most used access-list, where it is incoming towards the interface. Outgoing is seldom used as it is outgoing off the interface.

Don't be confused with the term incoming and outgoing, as it doesn't mean incoming and outgoing off the firewall, but it is incoming and outgoing off the ASA interfaces.

0 Helpful

Go to solution
Jacob Berger
Level 2
Level 2
In response to Jennifer Halim

‎07-20-2012 02:06 AM

if for example i want to block 10 different user vlans from accesing 1 server vlan

wouldnt i place a deny access rule outgoing on the server vlan interface?

or would i place it incoming on each user vlans interface?

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Jacob Berger

‎07-20-2012 02:55 AM

You can configure 10 different ACL incoming to each user vlan interface, or you can create 1 ACL outgoing on server vlan.

Either way is fine, typically you would see which is the least number of line of ACL and apply it accordingly.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card