Allowed external access to website only from a certain IP - secure?

Unanswered Question
Jul 25th, 2008


I have an internal website that I need to give a remote company access to only. I created the NAT and created an ACE to only allow their external facing IP access to the website. I'm not using port 80 either just a random port.

Now my question is can the traffic between my ASA and this external company be "sniffed" and read? I'm not using SSl or a VPN (as they don't have the IT resources to do this)?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dhananjoy chowdhury Fri, 07/25/2008 - 00:51


yes, there is possibility of the traffic getting sniffed and read. Normal HTTP is plain text.

Now a more secure way is to encrypt traffic via SSL, without any changes on the remote side.

- Either configure SSL Web VPN on your ASA.

- Or Configure your internal WEB server to listen to SSL only.

whiteford Fri, 07/25/2008 - 02:52

Thanks, ontop of changing ports from 80 to 443 I think I need to buy an SSL certificate?


This Discussion