Help with ACL on ASA 5505

Unanswered Question
Dec 1st, 2009
User Badges:

Hi all,

Looking for some assistance with creating an ACL to allow traffic both ways for a device.  We have an ASA 5505 for our VPN, however there is a device on our network that needs to be monitored from the vendor.  I have an open IP from the ISP that i'm going to use for a static NAT to that device, but I can't seem to get the access control list correct to allow traffic through from one specific external IP running through a pre-defined port.  I also need port 80 traffic through from an external range.

Thanks for any help


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Panos Kampanakis Tue, 12/01/2009 - 09:29
User Badges:
  • Cisco Employee,


Your ACL apllied on the outside of the ASA should be

access-list permit tcp host host

access-list permit tcp host 80

And of course I would expect you to have a static like

static (inside,outside)

I hope it helps.



This Discussion