We are in test mode and I find that the system is complaining that a host in our company tried to open a connection on port 80 to a server in the company. Many of our applications are web based, so this is normal. What would be the best way to tune this event?
What I've done is create an exception rule for a group, then add the servers into the group so that the exception only applies to those machines (servers) to allow port 80 connections.
You could make that exception rule part of a rule module that has a system state for IP address ranges internal to your network. In other words, the ALLOW over port 80 will only work on the servers you add to the group and ONLY if the incoming client has an IP address within your network.
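To make the scoping in the reply above concrete, here is an added example (not the poster's configuration and not the agent product's own rule syntax) that simulates the policy logic in Python: a connection to TCP/80 is allowed only when the destination is a member of the server group and the source falls inside the internal address ranges that stand in for the "system state"; everything else still raises an event. The server group members, internal ranges and sample events are all constructed values.

```python
import ipaddress
from dataclasses import dataclass
from typing import Tuple

# Constructed sample data (not from the thread): members of the server
# group, the internal address ranges used as the "system state", and the
# single port the exception covers.
SERVER_GROUP = {
    ipaddress.ip_address("10.0.5.10"),
    ipaddress.ip_address("10.0.5.11"),
}
INTERNAL_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]
EXCEPTED_PORTS = {80}


@dataclass(frozen=True)
class Connection:
    """One inbound connection attempt as the agent would report it."""
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


def in_internal_range(ip: str, ranges=INTERNAL_RANGES) -> bool:
    """True if the address falls inside any of the internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ranges)


def evaluate(conn: Connection,
             server_group=SERVER_GROUP,
             ranges=INTERNAL_RANGES,
             ports=EXCEPTED_PORTS) -> Tuple[str, str]:
    """Apply the scoped exception; return ('allow' | 'alert', reason)."""
    # The exception is limited to the excepted port(s) on TCP.
    if conn.proto != "tcp" or conn.dport not in ports:
        return "alert", f"port {conn.proto}/{conn.dport} is not covered by the exception"
    # ...and only to hosts that were added to the server group.
    if ipaddress.ip_address(conn.dst) not in server_group:
        return "alert", f"destination {conn.dst} is not in the server group"
    # ...and only when the client itself is on the internal network.
    if not in_internal_range(conn.src, ranges):
        return "alert", f"source {conn.src} is outside the internal ranges"
    return "allow", "internal client to a grouped server on an excepted port"


def triage(conns) -> dict:
    """Summarise a batch of connection events by decision."""
    summary = {"allow": 0, "alert": 0}
    for c in conns:
        decision, _ = evaluate(c)
        summary[decision] += 1
    return summary


# Constructed events: the expected web traffic plus three that should still fire.
SAMPLE_EVENTS = [
    Connection("10.0.7.20", "10.0.5.10", 80),    # internal client -> web server: allow
    Connection("203.0.113.5", "10.0.5.10", 80),  # external client -> web server: alert
    Connection("10.0.7.20", "10.0.9.9", 80),     # internal client -> host not in group: alert
    Connection("10.0.7.20", "10.0.5.10", 22),    # internal client -> web server on 22: alert
]

if __name__ == "__main__":
    for c in SAMPLE_EVENTS:
        decision, reason = evaluate(c)
        print(f"{c.src} -> {c.dst}:{c.dport} {decision:5} ({reason})")
    print(triage(SAMPLE_EVENTS))
```

The order of the three checks is deliberate: the exception never widens beyond the excepted port, then beyond the grouped servers, then beyond internal clients, so a web connection from an address outside the ranges still produces an event even though the destination is a legitimate web server.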