09-02-2008 12:33 AM - edited 03-11-2019 06:38 AM
Hi again! I've got an ASA5510 firewall and I want to allow only http requests from the inside network. I have tried the following access-lists without success:
access-list 200 extended permit tcp any any eq http
access-group 200 in interface inside
and
access-list 200 extended deny any any neq http
access-group 200 in interface inside
any suggestions?
09-02-2008 12:43 AM
Hi,
by without success what do you mean exactly? did inside network access http and everything or inside network couldn't access any thing at all???
Tha access list is right. you may check your NAT, Global configuration.
B.Regards,
Mohammed Moustafa.
09-02-2008 01:13 AM
the inside network can access everything, including http. Still a NAT failure?
09-02-2008 01:34 AM
Sorry, I mistook posting the second access-list, here is the right one:
access-list 200 extended deny tcp any any neq http
access-group 200 in interface inside
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide