Internet Browsing

Unanswered Question
Jul 11th, 2007

I created an ACL to allow only port 80 on my workstations. But most of the time, i can not able to access some websites. What port/s that needs to be allowed. I know that the internet is using a dynamic ports. can someone advise me or give some recommendation.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Wed, 07/11/2007 - 12:25

if your ACL is applied on the inside interface, you need an ACL similar to the following:

access-list inside_acl permit tcp any any eq 80

access-list inside_acl permit tcp any any eq 443

access-group inside_acl in interface inside

this will ONLY allow http and https...NOTHING else.

worldcalltel Wed, 07/11/2007 - 15:10

I am asking though i already set the port 80 on my acl, but when i tried to access the internet some of them won't go thru. I run some packet and port monitoring tools and it shows that there are a lot of dynamic ports involve in the internet. I don't want any restriction when browsing the internet. so i guess i just have to allowed all the protocol and ports.


This Discussion