why is implicit deny missing from outside int incoming access rules after upgrade from 8.25 to 9.1?
i have just noticed that after upgarde of image and asdm to 911 and 711, the implicit deny acl is missing from the outside interface. Is this deliberate or a poor upgrade. i am upgrading from 8.25 normally, depends what the reseller sends me.
should this be happening or am i upgrading in too large a jump?
Re: why is implicit deny missing from outside int incoming acces
Would really see some screencapture / output of the thing you are referring to.
I imagine that you are perhaps referring to something related to ASDM? I dont personally really use ASDM at all for ASA configurations to I am not up to date on the possible problems it might have or changes made to its interface.
I am not sure if you have an ACL attached to the "outside" interface? If so then I think the ASDM should show the Implicit Deny at the end while this wont show on the CLI side at all.
I did just check my own ASA at home which is running 9.0(2) and ASDM 7.1(2) at the moment and it doesnt show an Implicit Deny for my LAN or WAN interfaces ACL.
Though the basic ACL operation is still in effect. If its not allowed in the ACL then its blocked by Implicit Deny. This can be confirmed with "packet-tracer" test on your firewall also.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...