Help on ASA traffic Outside

Unanswered Question
Oct 29th, 2009
User Badges:


Different application needs different ports to pass traffic from inside to outside with ASA placed inbetween.

Instead of allowing all ports ; how to streamline with needed ports. Struggling to get it working.


Access-list is applied on ASA inside interface.

IF I start a Trading application from a LAN Host which needs to connect to Trading Server on INTERNET; how do I identify which ports are needed to open on ASA??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cisco24x7 Thu, 10/29/2009 - 03:31
User Badges:
  • Silver, 250 points or more

access-list capture permit ip LAN_host Internet_host log

capture tcpdump access-list test interface internal

"show capture tcpdump" will show you which port LAN_host communicate with Internet host.

saquib.tandel Thu, 10/29/2009 - 04:02
User Badges:


I am aware of LAN Host but not aware of Internet Host.

How to clear counter of the log as it shows already some hits


This Discussion