Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

please give example of security rule in ASA 5520

is the security rule in asa 5520 follow the same style with the acl in cisco 3000 and 4000 series switch where always acl is having implicit deny(so after any deny of any type we have to put permit ip any any)

Hall of Fame Super Blue

Re: please give example of security rule in ASA 5520

Yes there is an implicit deny ip any any at the end of an acl on the ASA.

The major difference between ASA/Pix acls and router acls is that the pix and asa use normal subnet masks whereas a router uses inverse masks so the router acl

access-list 101 permit ip

would translate to

access-list outside_in permit ip 192,168.5.0


New Member

Re: please give example of security rule in ASA 5520

many many thanks for your reply. we are connecting client from inside zone (high security) to out side zone server(low security)by 3rd party (different vendor)ipsec in transport mode by routed mode ASA 5520. how can the client be connected to server by the same ipsec in transport mode by NAT in ASA 5520 if everything is allowed in the security rule? please keep in mind that the ipsec transport is between client and server.

CreatePlease login to create content