we have a client with a soho91, they have a workstation trying to make a secure connection using a vpn client. The vendor informed us that the "firewall" need to allow 3 specific ports. There is no access-list applied to the outside. I created a acl and applied it to the interface but when I do that anything that is not specifically allowed through the acl is blocked. Is there a better way to do this? Also, how can we manage the stateful inspection of the soho device?