I have a question about usage of groups and drop rules. I would like to use Global groups and add device/networks to these global groups and then use those groups in drop rules on the LC controllers. Problem is when I view the Global group on an LC it only shows the Device/networks local to that box. With that said the rule does not consider the other device/networks that are part of the global group. Is there a way that is can work? Why I would want to do this, well for example lets take some internal subnets that generate certain type of traffic to inside subnets at different locations. It is easier to add all inside subnets to the Global group and then write drop rule on LCs using the global group as the scr and dst.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...