ASA basic rules
unless you have restricted traffic with an ACL. This is called an outbound
Traffic from a lower to a higher level is denied, by default, unless you explicitly
permit it by configuring access control lists (ACLs), and/or configure Cut-through Proxy (CTP) authentication, discussed in. This is called an inbound connection.
Traffic from the same security level to the same level is denied by default.