Help on ASA traffic Outside

Unanswered Question
Oct 29th, 2009

Hello


Different application needs different ports to pass traffic from inside to outside with ASA placed inbetween.


Instead of allowing all ports ; how to streamline with needed ports. Struggling to get it working.


LANUSERS_____switch____ASA_____INTERNET


Access-list is applied on ASA inside interface.


IF I start a Trading application from a LAN Host which needs to connect to Trading Server on INTERNET; how do I identify which ports are needed to open on ASA??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco24x7 Thu, 10/29/2009 - 03:31

access-list capture permit ip LAN_host Internet_host log


capture tcpdump access-list test interface internal


"show capture tcpdump" will show you which port LAN_host communicate with Internet host.

saquib.tandel Thu, 10/29/2009 - 04:02

Hi

I am aware of LAN Host but not aware of Internet Host.


How to clear counter of the log as it shows already some hits

Actions

This Discussion