How to open 2 ranges of ports in a 5510

Answered Question
Sep 8th, 2010
User Badges:

I'm new to Cisco and am unsure that the posts I've seen answer my question, so I thought I'd ask it directly:


We have a ASA5510 version 7.0(8); our public ip is 216.220.232.224


How can I open TCP ports 3230 - 3243 and UDP ports 3230 - 3285 for 192.168.0.225 for anyone in the outside world?


Would it be something like this in the CLI?


access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside


access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Correct Answer by Federico Coto F... about 6 years 9 months ago

Also need to correct the syntax for the static:


static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:


static (inside,outside) 216.220.232.224 192.168.0.225


Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Federico Coto F... Wed, 09/08/2010 - 07:28
User Badges:
  • Green, 3000 points or more

Hi,


Exactly.

But you only need this:


access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside


Federico.

Correct Answer
Federico Coto F... Wed, 09/08/2010 - 07:29
User Badges:
  • Green, 3000 points or more

Also need to correct the syntax for the static:


static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:


static (inside,outside) 216.220.232.224 192.168.0.225


Federico.

Actions

This Discussion