
Cisco ASA-5520 ACL with PAT

nacertified
Level 1

Hello

I am using PAT with my Cisco ASA5520.

I want to block the unnecessary ports by applying the ACL on the outside interface to secure my inside network. Could it be possible to use an inside private address as a source address in the ACL? If not, then what is the way to apply an ACL with PAT?

Your quick response will be highly appreciated.

Thanks

2 Replies

vitripat
Level 7

By default, everything from outside to inside is blocked. You don't need an ACL for this. If this doesn't answer your concern, could you clarify a little bit more on this?

shomar
Level 1

Hi

It is not possible to use the private IP addresses in the ACL on the outside interface; instead you can use the PAT address.

For example, you can apply the following on the outside ACL:

access-list test deny tcp any host x.x.x.x range y-z

where:

x.x.x.x: the PAT IP address

y-z: the port range you want to block.

Hopefully this will fulfill your needs :) If not, I would appreciate it if you explain further.
