Please review my config

Unanswered Question
May 13th, 2008

Please let me know if my config is valid. Sorry, I don't have Visios, but from what you see (syntax, etc.), does it look OK? Do you see any problems with this? Attached is the complete config for the ASA.


Web Site Piece (External)

access-list acl_inside permit tcp any host 64.213.103.14 eq www
access-list acl_inside permit tcp any host 64.213.103.20 eq www
access-list acl_inside permit tcp any host 64.213.103.20 eq https
access-list acl_inside permit tcp any host 64.213.103.15 eq www
access-list acl_inside permit tcp any host 64.213.103.22 eq www
access-list acl_inside permit tcp any host 64.213.103.22 eq https
access-list acl_inside permit tcp any host 64.213.103.23 eq www
access-list acl_inside permit tcp any host 64.213.103.23 eq https
access-list acl_inside permit tcp any host 64.213.103.24 eq www
access-list acl_inside permit tcp any host 64.213.103.24 eq https
access-list acl_inside permit tcp any host 64.213.103.8 eq www

static (dmz,outside) 64.213.103.14 192.168.9.21 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.20 192.168.9.100 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.15 192.168.9.200 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.22 192.168.9.22 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.23 192.168.9.23 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.24 192.168.9.24 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.8 192.168.9.8 netmask 255.255.255.255 0 0


SQL Piece (VPN)

static (inside,dmz) 192.168.9.16 192.168.11.16 netmask 255.255.255.255 0 0
static (inside,dmz) 192.168.9.30 192.168.10.12 netmask 255.255.255.255 0 0

conduit permit tcp host 192.168.9.16 eq www any
conduit permit tcp host 192.168.9.16 eq 1433 any
conduit permit tcp host 192.168.9.16 eq 1434 any
conduit permit tcp host 192.168.9.30 eq 445 any
conduit permit udp host 192.168.9.30 eq 445 any
conduit permit tcp host 192.168.9.30 eq 3572 any
conduit permit udp host 192.168.9.30 eq 3572 any
conduit permit tcp host 192.168.9.30 eq domain any
conduit permit tcp host 192.168.9.30 eq ftp any
conduit permit tcp host 192.168.9.30 eq netbios-ssn any
conduit permit udp host 192.168.9.30 eq 139 any
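A way to sanity-check an excerpt like the one above before loading it, as an added example that is not part of the original post or of any Cisco tooling: it cross-checks each permitted public address against the `static` translations and flags `conduit` lines, which are PIX 6.x syntax that was removed in software 7.0. The `lint` function, its finding names and the sample lines are assumptions made for illustration, and the cross-check assumes the ACL is the one applied inbound on the outside interface.

```python
import re

# Constructed sample: a few lines in the style of the post, plus one ACL entry
# (203.0.113.50) that deliberately has no matching static translation.
SAMPLE = """\
access-list acl_inside permit tcp any host 64.213.103.14 eq www
access-list acl_inside permit tcp any host 64.213.103.20 eq https
access-list acl_inside permit tcp any host 203.0.113.50 eq www
static (dmz,outside) 64.213.103.14 192.168.9.21 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.20 192.168.9.100 netmask 255.255.255.255 0 0
static (dmz,outside) 64.213.103.15 192.168.9.200 netmask 255.255.255.255 0 0
static (inside,dmz) 192.168.9.16 192.168.11.16 netmask 255.255.255.255 0 0
conduit permit tcp host 192.168.9.16 eq 1433 any
"""

ACL_RE = re.compile(r"^access-list\s+(\S+)\s+permit\s+(tcp|udp)\s+any\s+host\s+(\S+)\s+eq\s+(\S+)")
STATIC_RE = re.compile(r"^static\s+\((\w+),(\w+)\)\s+(\S+)\s+(\S+)\s+netmask\s+(\S+)")
CONDUIT_RE = re.compile(r"^conduit\s+permit\s+(tcp|udp)\s+host\s+(\S+)\s+eq\s+(\S+)")


def lint(config, public_if="outside"):
    """Return a sorted list of (kind, detail) findings for a PIX/ASA config excerpt."""
    acl_hosts, mapped, findings = {}, {}, []
    for line in (l.strip() for l in config.splitlines()):
        if m := ACL_RE.match(line):
            acl_hosts.setdefault(m.group(3), []).append(f"{m.group(2)}/{m.group(4)}")
        elif m := STATIC_RE.match(line):
            if m.group(2) == public_if:  # static (real_if,mapped_if) mapped_ip real_ip
                mapped[m.group(3)] = m.group(4)
        elif m := CONDUIT_RE.match(line):
            # conduit is PIX 6.x syntax; it was removed in 7.0, which every ASA runs
            findings.append(("legacy-conduit", f"{m.group(2)} {m.group(1)}/{m.group(3)}"))
    for host, ports in acl_hosts.items():
        if host not in mapped:  # permitted, but no static translates this address
            findings.append(("acl-without-static", f"{host} {','.join(ports)}"))
    for host, real in mapped.items():
        if host not in acl_hosts:  # published, but no ACL entry permits traffic to it
            findings.append(("static-without-acl", f"{host} -> {real}"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, detail in lint(SAMPLE):
        print(f"{kind:20} {detail}")
```
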



