07-11-2007 12:12 PM - edited 03-11-2019 03:43 AM
I created an ACL to allow only port 80 on my workstations. But most of the time, I am not able to access some websites. What port/s need to be allowed? I know that the internet is using dynamic ports. Can someone advise me or give some recommendations?
Thanks
07-11-2007 12:25 PM
If your ACL is applied on the inside interface, you need an ACL similar to the following:
access-list inside_acl permit tcp any any eq 80
access-list inside_acl permit tcp any any eq 443
access-group inside_acl in interface inside
This will ONLY allow http and https...NOTHING else.
07-11-2007 03:10 PM
I am asking because, though I already set port 80 on my ACL, when I tried to access the internet some of the sites won't go through. I ran some packet and port monitoring tools and they show that there are a lot of dynamic ports involved in the internet. I don't want any restriction when browsing the internet, so I guess I just have to allow all the protocols and ports.
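
The ACL from the 12:25 PM reply, evaluated over a few constructed flows, as an added example that is not part of the original thread: it parses only the exact entry form quoted there and shows that those entries match on destination port, so a client's dynamic source port is not restricted, while traffic to any other destination port or protocol falls through to the implicit deny. The flow list and the function names are assumptions made for the illustration.

```python
# Added illustration: first-match evaluation of the ACL entries quoted in the thread.
ACL_TEXT = """\
access-list inside_acl permit tcp any any eq 80
access-list inside_acl permit tcp any any eq 443
"""

def parse_acl(text):
    """Parse 'access-list NAME permit|deny PROTO any any eq PORT' lines only."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) != 8 or tok[0] != "access-list" or tok[4:7] != ["any", "any", "eq"]:
            raise ValueError(f"unsupported entry form: {line!r}")
        rules.append({"action": tok[2], "proto": tok[3], "dst_port": int(tok[7])})
    return rules

def evaluate(rules, proto, src_port, dst_port):
    """Return (action, rule_index); rule_index None means the implicit deny."""
    for i, r in enumerate(rules):
        # 'eq' placed after the destination address tests the destination port.
        # src_port is deliberately ignored: these entries do not constrain it.
        if r["proto"] == proto and r["dst_port"] == dst_port:
            return r["action"], i
    return "deny", None  # every ACL ends with an implicit deny

# Constructed sample flows entering the inside interface (not captured traffic)
FLOWS = [
    ("tcp", 49152, 80, "HTTP, dynamic source port"),
    ("tcp", 61044, 443, "HTTPS, dynamic source port"),
    ("tcp", 50210, 8080, "web server on a non-standard port"),
    ("udp", 53001, 53, "DNS query to an outside resolver"),
]

def report(rules=None):
    """Return [(description, action)] for each constructed flow."""
    rules = rules if rules is not None else parse_acl(ACL_TEXT)
    return [(desc, evaluate(rules, p, s, d)[0]) for p, s, d, desc in FLOWS]

if __name__ == "__main__":
    for desc, action in report():
        print(f"{action:6} {desc}")
```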