Cisco ASA Series Cli Configuration Manual page 160
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Firewall Mode Examples
An Outside User Attempts to Access an Inside Host
Figure 1-12
Figure 1-12
The following steps describe how data moves through the ASA (see
1.
2.
3.
4.
Cisco ASA Series CLI Configuration Guide
1-24
shows an outside user attempting to access a host on the inside network.
Outside to Inside
Host
Internet
209.165.201.2
Management IP
209.165.201.6
A user on the outside network attempts to reach an inside host.
The ASA receives the packet and adds the source MAC address to the MAC address table, if
required. Because it is a new session, it verifies if the packet is allowed according to the terms of the
security policy (access lists, filters, AAA).
For multiple context mode, the ASA first classifies the packet to a context.
The packet is denied because there is no access list permitting the outside host, and the ASA drops
the packet.
If the outside user is attempting to attack the inside network, the ASA employs many technologies
to determine if a packet is valid for an already established session.
Chapter 1
Host
209.165.201.3
Configuring the Transparent or Routed Firewall
Figure
1-12):
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
