Hi, here I would advice you that first see, what is your org requirment. Suppose few users want to access only internet and few users need to have access the outside Servers or any other Services then my advice is kindly divide your network into V-lans as per users department and give them access only those ports from inside to outside which is required by the users and restrict the other ports.
2) Second make a configuartion documnet without making any changes and take the backup of start-conf file then u can roll back if something wrong happens.
I've experiensed simular situations quite some times when installing new, or replacing old - undocumented firewalls... it isnt funny at all.
What I have done until now, is to create the different access-rules for the "known-to be-" or "guessed-to be " required traffick pattern.
And then at the end create a
permit ip any any LOG
After some time (depends on the environment) i analyse the syslog, which is as you said time consuming, and verifies if the connections are required or not.
Needed connections are spesified in the access-lists, and it beginns from the beginning again.... logging, analysing, modifying ACL's...
After some time of analysing (and adjusting the ACL's) you can replace the "permit ip any any LOG" with a "deny ip any any log".
By this time, you will probably have archeaved that 99% of the nessesary connections are configured and works through the firewall. The last 1% will call you up, and tell you "there is something wrong" ;-)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...