The following steps will guide you through configuring the Cisco ASA firewall:
- First, we are adding an access rule that will allow the WSUS server to connect to the internet (Microsoft update servers). Navigate to Access Rules within the Firewall pane:
- Add Permit Access Rule.
- Interface is IDMZ.
- Source is IDMZ_WSUSServer_IP.
- Destination is Enterprise_Subnet.
- Service is HTTP, HTTPS, DNS.
If you are really security conscious, you can add a URL filter that restricts access to only the following sites: