How to represent all public IPs in a PIX/ASA/FWSM config
I have a question about creating a rulebase for my FWSMs. We have certain subnets behind a FWSM interface that need to have outbound http access restricted so that they can reach public IPs, but not most of the private ranges.
I come from a Checkpoint background where you did this by putting all your internal nets in a group and then 'negating' that group in the policy to represent public or 'non-internal' nets. Can I do this in ASDM or CSM without having to list all the public IP ranges?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...