Any outside-initiated traffic that you need to allow, you have to permit that by an ACL on the outside interface in the inbound direction. Only this permitted traffic will be allowed to be initiated from outside; other traffic not matching the ACL will be dropped unless it was initiated on the inside and was inspected going out.
If nothing is allowed in and the inspection is done outbound on the outside interface, then no traffic initiated on the outside will be allowed in.
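The decision order described above, as a small added model that is not part of the original post and is not vendor code. The class and function names, the three result strings and the addresses (documentation ranges) are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


class OutsideInterface:
    """Outside interface with an inbound ACL and outbound inspection (simplified model)."""

    def __init__(self, inbound_acl):
        # Each entry is (proto, inside_dst, dst_port); anything not listed is implicitly denied.
        self.inbound_acl = set(inbound_acl)
        self.sessions = set()

    def outbound(self, pkt):
        # Inspection on the way out records the flow, keyed the way the reply will look.
        self.sessions.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def inbound(self, pkt):
        # 1. Return traffic of a session that was inspected going out is let back in.
        if (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.sessions:
            return "permit-return"
        # 2. Outside-initiated traffic must match the inbound ACL.
        if (pkt.proto, pkt.dst, pkt.dport) in self.inbound_acl:
            return "permit-acl"
        # 3. Everything else is dropped.
        return "drop"


def demo(acl):
    """Run three constructed packets through the model and return the verdicts."""
    fw = OutsideInterface(acl)
    # An inside host opens a web session; the packet is inspected on its way out.
    fw.outbound(Packet("192.0.2.20", 40000, "203.0.113.5", 80))
    return [
        fw.inbound(Packet("203.0.113.5", 80, "192.0.2.20", 40000)),    # reply to inside host
        fw.inbound(Packet("198.51.100.7", 50000, "192.0.2.10", 443)),  # outside-initiated HTTPS
        fw.inbound(Packet("198.51.100.7", 50001, "192.0.2.10", 22)),   # outside-initiated SSH
    ]


if __name__ == "__main__":
    print(demo([("tcp", "192.0.2.10", 443)]))  # ACL permits one published service
    print(demo([]))                            # nothing allowed in
```

With the empty ACL only the reply to the inside-initiated session passes, which is the second case in the post.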