I would like to permit only a few IP addresses from various subnets through an FWSM. Is there a way to summarize this in order to reduce the number of ACL rules? We have over 200 subnets, all starting 10.10.<building>.0/24. I would like to permit only IPs 10.10.x.248 and above from each building. Do FWSMs allow discontiguous masks? For example, could I add a rule 10.10.0.248 / 255.255.0.248? I tried the config via ASDM and it took it, but changed the format to 10.10.0.248/29, so I'm not sure whether it will allow any value in the third octet.
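The difference between the mask in the question and the /29 that ASDM displayed, as an added example that is not part of the original post. It goes beyond the one case by expanding any discontiguous mask into the equivalent contiguous prefixes. The function names are hypothetical, and the code models plain bitwise mask comparison only, not what the FWSM itself accepts.

```python
import ipaddress
from itertools import product

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def is_contiguous(mask):
    """True if the mask is a run of 1-bits followed only by 0-bits."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def mask_match(ip, base, mask):
    """Bitwise comparison: only the bits set in the mask are compared."""
    m = to_int(mask)
    return (to_int(ip) & m) == (to_int(base) & m)

def expand(base, mask):
    """Expand a (possibly discontiguous) mask into contiguous prefixes."""
    m, b = to_int(mask), to_int(base)
    # Trailing zero bits of the mask form the host part of every prefix.
    host_bits = 0
    while host_bits < 32 and not (m >> host_bits) & 1:
        host_bits += 1
    # "Hole" bits are zero bits above the host part; each combination
    # of values for them yields one contiguous prefix.
    holes = [i for i in range(host_bits, 32) if not (m >> i) & 1]
    nets = []
    for combo in product((0, 1), repeat=len(holes)):
        addr = b & m
        for bit, pos in zip(combo, holes):
            addr |= bit << pos
        nets.append(ipaddress.ip_network((addr, 32 - host_bits)))
    return sorted(nets)

if __name__ == "__main__":
    base = "10.10.0.248"                 # value from the question
    wanted = "255.255.0.248"             # mask the question asks about
    shown = "255.255.255.248"            # the /29 that ASDM displayed
    probe = "10.10.5.250"                # constructed sample: building 5
    print("contiguous:", is_contiguous(wanted), is_contiguous(shown))
    print("probe matches wanted mask:", mask_match(probe, base, wanted))
    print("probe matches /29:", mask_match(probe, base, shown))
    nets = expand(base, wanted)
    print(len(nets), "prefixes, from", nets[0], "to", nets[-1])
```

If the rule is really stored as 10.10.0.248/29, the building-5 probe is not covered, and covering every third-octet value would take one /29 entry per prefix returned by `expand`.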