Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Allowed external access to website only from a certain IP - secure?

Hi,

I have an internal website that I need to give a remote company access to only. I created the NAT and created an ACE to only allow their external facing IP access to the website. I'm not using port 80 either just a random port.

Now my question is can the traffic between my ASA and this external company be "sniffed" and read? I'm not using SSl or a VPN (as they don't have the IT resources to do this)?

2 REPLIES

Re: Allowed external access to website only from a certain IP -

Hi,

yes, there is possibility of the traffic getting sniffed and read. Normal HTTP is plain text.

Now a more secure way is to encrypt traffic via SSL, without any changes on the remote side.

- Either configure SSL Web VPN on your ASA.

- Or Configure your internal WEB server to listen to SSL only.

New Member

Re: Allowed external access to website only from a certain IP -

Thanks, ontop of changing ports from 80 to 443 I think I need to buy an SSL certificate?

124
Views
0
Helpful
2
Replies
CreatePlease to create content