Greetings;
If you are allowing traffic into your DMZ interface (security 20) from your outside interface (security 0) and your ingress access is controlled by an access list applied to your outside interface, would you need to place an access list to your DMZ for traffic going to your outside interface?
I currently do this and I'm wondering if this is a not-so-good idea.
Also, When you apply the access-group OUTSIDE-IN in interface outside, what dies "in" really mean?
Hostile traffic fromthe internet and traffic from with your private network hitting the outside interface could all be deemed as coming "in"to the outside interface. Can someone offer words of wisdom please?
Kind Regards
Jeff