ASA 5505

Unanswered Question
Oct 14th, 2008

I would like to have a device on my network accessable from the outside world through ANY port

i have tried using the cmd lines below but with no luck...

access-list outside_access_in extended permit tcp any host 1.2.3.4

access-list outside_access_in extended permit tcp any host 1.2.3.4 eq any

anyone have any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
suschoud Tue, 10/14/2008 - 12:46

is the " access-g outside_access_in in interface outside " in place ?

Regards,

Sushil

suschoud Tue, 10/14/2008 - 13:07

an access list is of no use till the time it is applied on an interface.

through " access-group " command we apply an access list on an interface.

PLease add the command from my previous post...should work.

Do rate helpful posts.

Regards,

Sushil

JORGE RODRIGUEZ Tue, 10/14/2008 - 13:18

In addition to placing the access-group couple of things you may want to check in the event that you already have access-group outside_access_in in interface outside statement in firewall and still no connection.

1-Make sure the server does not have any firewall of its own enable

2- Make sure the server does indeed listen on ports intended, example lets say port 80 for web, or SSL, telnet, ftp etc..

3- do a telnet test towards the server pub ip from an outside host if you can on the ports the server is listening on.

c:\telnet

look at the logs on asdm see what it tells you while you try connection from the outside.

Rgds

Jorge

Actions

This Discussion