How to open 2 ranges of ports in a 5510

Answered Question
Sep 8th, 2010

I'm new to Cisco and am unsure that the posts I've seen answer my question, so I thought I'd ask it directly:

We have a ASA5510 version 7.0(8); our public ip is 216.220.232.224

How can I open TCP ports 3230 - 3243 and UDP ports 3230 - 3285 for 192.168.0.225 for anyone in the outside world?

Would it be something like this in the CLI?

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

I have this problem too.
0 votes
Correct Answer by Federico Coto F... about 6 years 3 months ago

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Federico Coto F... Wed, 09/08/2010 - 07:28

Hi,

Exactly.

But you only need this:

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Federico.

Correct Answer
Federico Coto F... Wed, 09/08/2010 - 07:29

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

Actions

This Discussion