07-11-2007 12:12 PM - edited 03-11-2019 03:43 AM
I created an ACL to allow only port 80 on my workstations. But most of the time, I am not able to access some websites. What port(s) need to be allowed? I know that the internet uses dynamic ports. Can someone advise me or give some recommendations?
Thanks
07-11-2007 12:25 PM
If your ACL is applied on the inside interface, you need an ACL similar to the following:
access-list inside_acl permit tcp any any eq 80
access-list inside_acl permit tcp any any eq 443
access-group inside_acl in interface inside
This will ONLY allow HTTP and HTTPS... NOTHING else.
07-11-2007 03:10 PM
I am asking because, although I already set port 80 on my ACL, when I tried to access the internet some of them won't go through. I ran some packet and port monitoring tools, and they show that there are a lot of dynamic ports involved in the internet. I don't want any restriction when browsing the internet, so I guess I just have to allow all protocols and ports.
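Added example, not part of the original thread: a minimal first-match evaluator for the two-line `inside_acl` posted above, run over constructed sample flows to show which side of a connection the `eq` port applies to. It assumes PIX/ASA-style semantics (the port after the destination `any` is the destination port, the source port is unrestricted, and an implicit deny ends the list); the function names and flows are made up for illustration.

```python
# Added example: first-match evaluation of the ACL posted in this thread.
# Assumption: PIX/ASA-style semantics (port after the destination is the
# destination port; anything not permitted hits the implicit deny).

ACL = """\
access-list inside_acl permit tcp any any eq 80
access-list inside_acl permit tcp any any eq 443
"""

def parse_acl(text):
    """Parse 'access-list NAME permit|deny PROTO any any [eq PORT]' lines."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list":
            continue
        action, proto, src, dst = tok[2], tok[3], tok[4], tok[5]
        if src != "any" or dst != "any":
            raise ValueError("only 'any any' entries are handled: " + line)
        dport = None
        if len(tok) >= 8 and tok[6] == "eq":
            dport = int(tok[7])
        rules.append((action, proto, dport))
    return rules

def evaluate(rules, proto, sport, dport):
    """Return (action, rule index); index None means the implicit deny."""
    # sport is accepted but never tested: 'any' leaves the source port open.
    for i, (action, r_proto, r_dport) in enumerate(rules):
        if r_proto in (proto, "ip") and r_dport in (None, dport):
            return action, i
    return "deny", None

# Constructed sample flows: (proto, source port, destination port, note).
FLOWS = [
    ("tcp", 49152, 80, "HTTP from an ephemeral source port"),
    ("tcp", 61034, 443, "HTTPS from an ephemeral source port"),
    ("tcp", 50211, 8080, "web server on a non-standard port"),
    ("udp", 53124, 53, "DNS query"),
]

def run():
    rules = parse_acl(ACL)
    return [(note, evaluate(rules, p, sp, dp)[0]) for p, sp, dp, note in FLOWS]

if __name__ == "__main__":
    for note, action in run():
        print(f"{action:6} {note}")
```

The high-numbered ports a monitoring tool shows on the workstation side are source ports, which this ACL does not test; only the destination port and protocol decide the match.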