The Default Flow of Traffic

By default, and this is important, the ASA forwards traffic (assuming it has a route to know where to forward it) if the initial traffic is sourced from a device that lives off of its high-security interface (such as the inside at security 100, which is the highest) and if the destination of the packet is being routed out of an interface that has a lower security level. That is it in a nutshell. So, a user on the inside can initiate traffic to devices off of the DMZ because that is going from higher to lower security levels (100 to 50). The user on the inside can initiate traffic to a server that lives off of the outside interface because that initial traffic is also going from a higher security level to a lower security ...
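The default rule described above can be modeled in a few lines. This is an added example, not code from the book: it covers only the first packet of a flow with no ACLs or other policy configured, and the outside level of 0, the addresses and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed topology. The inside (100) and dmz (50) levels follow the text;
# outside at 0 and every address below are assumptions for this example.
INTERFACES = {"inside": 100, "dmz": 50, "outside": 0}
ROUTES = [
    ("10.0.0.0/24", "inside"),
    ("172.16.0.0/24", "dmz"),
    ("0.0.0.0/0", "outside"),
]


def egress_interface(dst, routes=ROUTES):
    """Longest-prefix match: return the exit interface name, or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, ifname in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best[1] if best else None


def default_decision(ingress, dst, routes=ROUTES):
    """Apply the default security-level rule to the initial packet of a flow.

    Returns (action, egress_interface, reason).
    """
    out = egress_interface(dst, routes)
    if out is None:
        # The text's precondition: the firewall needs a route to forward at all.
        return ("drop", None, "no route to destination")
    src_level, dst_level = INTERFACES[ingress], INTERFACES[out]
    if src_level > dst_level:
        return ("forward", out, f"{src_level} -> {dst_level} is higher to lower")
    return ("drop", out, f"{src_level} -> {dst_level} is not higher to lower")


if __name__ == "__main__":
    for ingress, dst in [("inside", "172.16.0.10"), ("inside", "198.51.100.7"),
                         ("outside", "10.0.0.5"), ("dmz", "10.0.0.5")]:
        print(ingress, dst, default_decision(ingress, dst))
```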
