In id=0xad31d370, priority=111, domain=permit, deny=true More data: Result of the command: "packet-tracer input outside udp x.x.x.x 5060 y.y.y.y 5060 detailed" Packet trace says that packet is dropped by implicit deny rule on the access checking stage. I also try any any instead of x.x.x.x and y.y.y.y no different. Here's the piece of configuration which I think is relevant (sorry, not a Cisco expert, using ASDM): access-list Split-tunnel-ACL standard permit 10.65.0.0 255.255.0.0Īccess-list outside_access_in extended permit icmp any anyĪccess-list outside_access_in remark testĪccess-list outside_access_in extended permit udp host x.x.x.x host y.y.y.y Running a trace (simulated packet) in ASDM shows that the packet is dropped by the implicit reject rule, but I don't understand why does it not match my any to any UDP rule? Can I enable logging of rule evaluation? I have created 2 simple access rules: allow any ICMP and allow any UDP. Is there any way to debug ASA firewall rule application?
0 kommentar(er)
