How to allow Only https to communicate with the Office web server

Unanswered Question
May 1st, 2017
User Badges:

Hi All,

I have a ASA 5505 Firewall Installed in our network. On our office network there is a SQL Server running that communicates with our website for live data.

I need only https communication to occur between the webserver and our internal server.

at present I have 2 rules applied as below/attached.

xx.xx.xx.40 is the leased line.

The problem with the present setting is that there are failed login attempts to SQL Server hence I need to secure it.

Thank you




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Karsten Iwen Mon, 05/01/2017 - 02:19
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

The highlighted line allows SQL from the whole internet to your internal server which is always a bad idea (same for line 10). This line should be removed. And if the webserver only needs HTTPS, then also the line 8 can be removed.

Actions

This Discussion