downloadable acls on asa

Unanswered Question
Jul 20th, 2007

hi all,


i need some help in configuring downloadable acls on asa.


i have configured a downloadable acl on the asa as follows - permit tcp host 2.1.1.2 host 1.1.1.2 eq 80. i get authenticated successfully, but i get an error saying acl authorization denied. the acl gets downloaded on the asa and i am able to browse the webpage on 1.1.1.2.


i am using telnet to authenticate. the access list for permitting telnet traffic on the outside interface is - access-l 101 permit tcp host 2.1.1.2 host 1.1.1.2 eq 23. i have used the per-user-override option in the access-group command - access-group 101 in int outside per-user-override.


my query is, can i permit a specific port no. in the downloadable acl? also, why am i getting the authorization denied error?


the config guide of 7.2.2 mentions no usage of port nos. in the acls. Directly udp or tcp or ip traffic is permitted / denied.


waiting for reply.


thanks.


regards

kirti.

kirti_bapat Thu, 07/26/2007 - 09:53

yeah thanks for the response. yes port nos. do work fine. the link refers to the config guide.


thanks

kirti
