access-list INSIDE_LAN_in extended permit ip 192.168.0.0 255.255.255.0 any
There is nat enabled on interface, but there is special statement in nat0 ACL for 192.168.100.0 subnetwork
access-list INSIDE_LAN_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
The problem is that remote users can easely ssh and telnet servers in INSIDE_LAN network. Whatever i put in INSIDE_LAN_in ACL, remote users still have full access to this network. Restrictions in REMOTE_split ACL don't work either.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...