The Modular Policy Framework (MPF) and Access Rules on the Cisco Adaptive Security Appliance (ASA) firewall go together like peanut butter and jelly. MPF and Access Rules are also two of the most complicated and confusing topics for new learners looking to master basic ASA firewall configuration… that was, until now!
In this Hut8 networking techtorial we take a deep dive into the semantics of both MPF and Access Rules to see just how the two go hand-in-hand. We examine the default behavior of the ASA firewall’s implicit Access Rules and how the old adage about ‘traffic from a higher-level security zone being allowed to a lower-level security zone’ is true only to a point. We compare and contrast the ‘stateful’ approach to traffic filtering with the ‘stateless’ approach. We also compare and contrast the options in the ‘ICMP use case’, that is, whether you want to use an Access Rule or MPF to allow ICMP traffic back into your network, and much, much more… enjoy!