Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
364
Views
0
Helpful
1
Replies

ACL commands

durhamcs
Level 1
Level 1

‎04-23-2003 01:31 PM - edited ‎02-20-2020 09:21 PM

I have a Pix 515e with 3 inter faces.

outside 206.135.121.3

inside 10.0.14.3

dmz 192.168.10.254

I would like to give a remote host 216.102.151.102 access to a server on the inside 10.0.102.5 using range 16151 -16241.

What are the commands I need to input for this to work?

Labels:
0 Helpful
1 Reply 1

vikrantarora
Level 1
Level 1

‎04-23-2003 01:58 PM

Please follow these steps:

Step 1. Write the access list allowing tcp traffic. public_ip_assigned_to_server should be one of the IP's given by your ISP.

access-list acl_out permit tcp host 216.102.151.102 host public_ip_assigned_to_server range 16151 16241

Step 2. Apply the access-list to the incoming traffic on the outside interface

access-group acl_out in interface outside

Step 3. Inbound access is denied by default, so put in a static after defining an access list as done in Step 1 above.

static (inside,outside) public_ip_assigned_to_server 10.0.102.5 netmask 255.255.255.255

This should be all. Hope it works!

vik

0 Helpful
Customers Also Viewed These Support Documents