Question #1 is rather interesting. The answer is less simple than one might assume. Make sure you read the last paragraph.
I previously attempted to apply ACLs inbound and outbound on a tunnel interface to implement security policy. I first constructed ACLs to determine what would be matched in the two directions.
TCP/UDP/ICMP host-to-host traffic destined to the far-side network matched the "outbound" ACL applied on the local tunnel interface.
Host-to-host traffic from the far-side network matched the "inbound" ACL, as did EIGRP traffic from the far-side tunnel interface IP (unicasts and multicasts).
However, the "inbound" ACL also matched GRE packets with a source equal to the "tunnel source" (local ext. interface IP), and a destination equal to the "tunnel destination" (far-side ext. interface IP), which I had not expected.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...