I am replacing my PIX 515 with a new ASA 5510 and I'm having some issues.
First thing: between the Inside and all other interfaces, I know that Inside can get to any lower-security interface.
I am testing ping from DMZ to Inside and it seems that I can ping and browse all ports and such from DMZ to Inside, and I don't understand why. I have specific ACLs and have the ACLs applied to the correct interfaces.
My goal is to protect the Inside network from all lower-security networks such as DMZ and Outside. But from a quick test I can ping from the DMZ into the LAN and from the LAN to the DMZ. Also, from the Inside network I can browse to a website in the DMZ and from the DMZ back to Inside.
I don't see what I am doing wrong in my configurations.