ASA 5505

Unanswered Question
Oct 14th, 2008

I would like to have a device on my network accessable from the outside world through ANY port

i have tried using the cmd lines below but with no luck...

access-list outside_access_in extended permit tcp any host

access-list outside_access_in extended permit tcp any host eq any

anyone have any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
suschoud Tue, 10/14/2008 - 12:46

is the " access-g outside_access_in in interface outside " in place ?



suschoud Tue, 10/14/2008 - 13:07

an access list is of no use till the time it is applied on an interface.

through " access-group " command we apply an access list on an interface.

PLease add the command from my previous post...should work.

Do rate helpful posts.



JORGE RODRIGUEZ Tue, 10/14/2008 - 13:18

In addition to placing the access-group couple of things you may want to check in the event that you already have access-group outside_access_in in interface outside statement in firewall and still no connection.

1-Make sure the server does not have any firewall of its own enable

2- Make sure the server does indeed listen on ports intended, example lets say port 80 for web, or SSL, telnet, ftp etc..

3- do a telnet test towards the server pub ip from an outside host if you can on the ports the server is listening on.


look at the logs on asdm see what it tells you while you try connection from the outside.




This Discussion