Please review my config

Unanswered Question
May 13th, 2008

Please let me know if my config is valid. Sorry i don't have visio's but from what you see, syntex , etc..does it look ok? do you see any problems with this. attached is the complete config for the ASA

Web Site Piece (External)

access-list acl_inside permit tcp any host 64.213.103.14 eq www

access-list acl_inside permit tcp any host 64.213.103.20 eq www

access-list acl_inside permit tcp any host 64.213.103.20 eq https

access-list acl_inside permit tcp any host 64.213.103.15 eq www

access-list acl_inside permit tcp any host 64.213.103.22 eq www

access-list acl_inside permit tcp any host 64.213.103.22 eq https

access-list acl_inside permit tcp any host 64.213.103.23 eq www

access-list acl_inside permit tcp any host 64.213.103.23 eq https

access-list acl_inside permit tcp any host 64.213.103.24 eq www

access-list acl_inside permit tcp any host 64.213.103.24 eq https

access-list acl_inside permit tcp any host 64.213.103.8 eq www

static (dmz,outside) 64.213.103.14 192.168.9.21 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.20 192.168.9.100 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.15 192.168.9.200 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.22 192.168.9.22 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.23 192.168.9.23 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.24 192.168.9.24 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.8 192.168.9.8 netmask 255.255.255.255 0 0

SQL Piece (VPN)

static (inside,dmz) 192.168.9.16 192.168.11.16 netmask 255.255.255.255 0 0

static (inside,dmz) 192.168.9.30 192.168.10.12 netmask 255.255.255.255 0 0

conduit permit tcp host 192.168.9.16 eq www any

conduit permit tcp host 192.168.9.16 eq 1433 any

conduit permit tcp host 192.168.9.16 eq 1434 any

conduit permit tcp host 192.168.9.30 eq 445 any

conduit permit udp host 192.168.9.30 eq 445 any

conduit permit tcp host 192.168.9.30 eq 3572 any

conduit permit udp host 192.168.9.30 eq 3572 any

conduit permit tcp host 192.168.9.30 eq domain any

conduit permit tcp host 192.168.9.30 eq ftp any

conduit permit tcp host 192.168.9.30 eq netbios-ssn any

conduit permit udp host 192.168.9.30 eq 139 any

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

 

 

Trending Topics - Security & Network