Since you never mentioned where the ACL (INDMZ) is applied, my understanding/explanation was meant for DMZ and applied on DMZ interface.
But since you mentioned about "..why do we need to allow TCP80, if the HTTP request generates from a more secure (inside interface) to a less secure interface (DMZ)? ..", then I guess your INDMZ is meant for inside interface instead. By the way, can you tell which subnet/IP belongs to DMZ and inside?
You're right that access from high (secure) to low (less secure) security level doesn't need ACL unless required.
To your question on the 3rd example, it actually works the same with line#2, but line#2 is a better way & preferred. The example is also meant for DMZ host (172.x.x.x) accessing inside host of 111.x.x.x.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...