Each interface on a Cisco ASA has a security level. By default the ASA ACL allows traffic from higher to lower security level, but not the other way around.
Question: When I add an additional ACL rule, does the implicit rule still apply if my inserted rule doesn't match?
Best Answer
No, specific rule takes the implicit ANY->ANY LESS SECURE rule down. If your rule is not matched, the packet will proceed to the implicit DENY.