Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
277
Views
0
Helpful
2
Replies

Internet Browsing

worldcalltel
Level 1
Level 1

‎07-11-2007 12:12 PM - edited ‎03-11-2019 03:43 AM

I created an ACL to allow only port 80 on my workstations. But most of the time, i can not able to access some websites. What port/s that needs to be allowed. I know that the internet is using a dynamic ports. can someone advise me or give some recommendation.

Thanks

Labels:
0 Helpful
2 Replies 2

srue
Level 7
Level 7

‎07-11-2007 12:25 PM

if your ACL is applied on the inside interface, you need an ACL similar to the following:

access-list inside_acl permit tcp any any eq 80

access-list inside_acl permit tcp any any eq 443

access-group inside_acl in interface inside

this will ONLY allow http and https...NOTHING else.

0 Helpful

worldcalltel
Level 1
Level 1
In response to srue

‎07-11-2007 03:10 PM

I am asking though i already set the port 80 on my acl, but when i tried to access the internet some of them won't go thru. I run some packet and port monitoring tools and it shows that there are a lot of dynamic ports involve in the internet. I don't want any restriction when browsing the internet. so i guess i just have to allowed all the protocol and ports.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card