
Open Port on ASA 5510

samz
Level 1

Hi,

I need to open a port so that one of our users can access an application externally which uses port 6999.

How would I open the port so that the user can access the server using port 6999?

Thanks

SZ

11 Replies

Hi,

Is the user trying to access this application from outside your network? If yes, write an extended ACL and apply that ACL to your outside interface:

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} tcp source source-wildcard [operator [port]] destination destination-wildcard [operator [port]] [established] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name]

Example:

access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet 

Regards
Karuppu

Hi,

No, the user is inside the network (LAN).

How do I enable any user or IP on the LAN to access that port?

Thanks

Hi,

What is the source IP and where is it residing (inside your firewall or outside)?

What is the destination IP and where is it residing (inside your firewall or outside)?

Not able to understand your questions...

Regards

Karuppu

Hi

Do you have an update on this issue?

Thanks

Sam

Sent from my iPhone

On 17/03/2010, at 5:28 PM, "foreverkaruppu"

Hi,

If you are using Cisco firewalls PIX515/525/533 or ASA, then the default rule is that everything is permitted from a high security level interface (inside) to a low security level interface (outside). No need to add any access list to access anything from your inside to outside.

But you should have a proper NAT configuration in your firewall.

If you need more help, then paste your running configuration.

Regards

Karuppu

Hi,

I have attached a copy of the config file.

Thanks for your help and talk soon.

Sam

Hi, 

I have a requirement for port opening. The customer only shared the info below:

Connect24: 172.192.x.x Port: 1756

WEB service: 172.192.x.x Port: 2556

How can I do this from ASDM?

Hi,

I want any IP on the LAN which is behind the firewall to access an IP 64.x.x.x outside the firewall.

Example: any IP 192.168.0.1/24 to access IP 61.x.x.x on port 6999.

I also need to set up RDP to IP 192.168.0.254, which resides inside the firewall.

The IP of the firewall is 192.168.0.x

Thanks

To make your 192.168.0.254 accessible via RDP you need to configure a static:

1. static (inside,outside) tcp interface 3389 192.168.0.254 3389 netmask 255.255.255.255

2. Also provide permission via ACL on the outside interface to allow traffic destined to your interface IP.

I want any IP on the LAN which is behind the firewall to access an IP 64.x.x.x outside the firewall

example any ip 192.168.0.1/24 to access ip 61.x.x.x on port 6999.

For the above you don't need anything if you do not have an inside access-list applied IN on the inside interface. If you do have an ACL that you have applied on the inside interface, then you need to permit this flow.

access-list inside-acl permit tcp any host 61.x.x.x eq 6999

-KS
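
The two RDP steps in the reply above, written out as an added example that is not part of the original thread. It uses the pre-8.3 syntax of the static command shown there and assumes the interfaces are named inside and outside; the ACL name outside_in and the addresses 203.0.113.10 and 192.168.0.10 are constructed for illustration.

```cisco
! Assumptions: nameif names are "inside" and "outside"; outside_in is a
! hypothetical ACL name; 203.0.113.10 is a constructed remote admin address;
! 192.168.0.10 is a constructed LAN host.

! 1. Port-forward TCP/3389 on the outside interface address to the RDP host.
static (inside,outside) tcp interface 3389 192.168.0.254 3389 netmask 255.255.255.255

! 2. Permit the inbound flow on the outside interface.
!    Weak form, shown commented out: any Internet host can reach RDP.
!    access-list outside_in extended permit tcp any interface outside eq 3389
!    Tighter form: only the known remote address may connect.
access-list outside_in extended permit tcp host 203.0.113.10 interface outside eq 3389

! 3. Bind the ACL to the outside interface. Only one ACL can be bound per
!    interface per direction: if one is already bound, add the ACE to that
!    ACL instead of binding a new one.
access-group outside_in in interface outside

! 4. Verify (privileged EXEC). An ACE in an ACL that is not bound with
!    access-group has no effect, so check which ACL name is bound where.
show running-config access-group
show access-list outside_in

! Simulate the inbound RDP flow; replace <outside-ip> with the outside
! interface address.
packet-tracer input outside tcp 203.0.113.10 1025 <outside-ip> 3389

! Simulate the outbound port 6999 flow; 61.x.x.x is masked in the thread,
! substitute the real server address.
packet-tracer input inside tcp 192.168.0.10 1025 61.x.x.x 6999
```

The packet-tracer output lists each phase (ACL, NAT, route) and names the one that drops the packet, and the hit counts in show access-list confirm whether an ACE is matching traffic.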

Hi,

I am a novice when it comes to Cisco. What command/s do I need to type to set the RDP access up?

Thanks

Sam

Hi,

I tried the command suggested, "access-list inside-acl per tcp any ho 58.96.29.214 eq 6999", but still the software can't connect to the server (on the internet) using port 6999.

Any other suggestions?

Regards,

Sam
