Create an ASA Global Access List
Global access policies are network policies that are applied to all the interfaces on an ASA. These policies are only applied to inbound network traffic. You can create a global access policy to ensure that a set of rules is applied uniformly to all the interfaces on an ASA.
Only one global access policy can be configured on an ASA. However, a global access policy can have more than one rule assigned to it, just like any other policy.
This is the order of rule-processing on the ASA:
-
Interface access rules
-
Bridge Virtual Interface (BVI) access rules
-
Global access rules
-
Implicit deny rules
Procedure
Step 1 | In the left pane, click Inventory. |
Step 2 | Click the ASA tab and select an ASA device by checking the corresponding check box. |
Step 3 | In the Management pane on the right, click Policy. |
Step 4 | From the Selected Access List drop-down list, choose an access list. |
Step 5 | In the Actions pane displayed on the right, click Assign Interfaces. |
Step 6 | Check the Create as a global access list check box. |
Step 7 | Click Save. |
Step 8 | Review and deploy the changes you made now, or wait and deploy multiple changes. |