My question is along the lines of this one in the forum; however, it is a little different.
Say I have this:
Untrust to Trust
Source address: Any
Destination address: MIP
Service: LDAP
Action: Permit
MIP works fine, nothing of note there.
All of our MIP setups are used with apps that initiate from Untrust to Trust.
We have an app where the Trust host (the destination of the MIP) would need/want to initiate a connection to the Untrust/Internet on an ad hoc basis.
Am I right to think that this will happen via the MIP without the need for me to put in any sort of Trust to Untrust rule?
In other words, a MIP is reflexive in that I can go Untrust to Trust with service X and Trust to Untrust with service X with just the single policy (?)
Maybe I'm overthinking this...