Cisco Support Community
Community Member

ASA Help with ports

Hi,

I need to allow the following from inside to outside without compromising security, only initiated from inside.

Allow SSH to devices on Internet from LAN

Allow PPTP and Cisco VPN (IPSEC) to connect from inside to outside

Allow ports 5130 outside

Restrict port 80 and 8080 from inside to outside (browsing)

4 REPLIES
Community Member

Re: ASA Help with ports

A good place to start for this would be to use nat-control:

"NAT control requires that packets traversing from an inside interface to an outside interface match a NAT rule; for any host on the inside network to access a host on the outside network, you must configure NAT to translate the inside host address."

http://www.cisco.com/en/US/customer/docs/security/asa/asa80/command/reference/no.html#wp1753422

Community Member

Re: ASA Help with ports

Hi,

We have NAT 0 configured and ACL outside but still not able to fulfill my requirement. Any document or Cisco link would be helpful.

Silver

Re: ASA Help with ports

! Block web browsing from inside
access-list test_acl extended deny tcp any any eq 80
access-list test_acl extended deny tcp any any eq 8080
! SSH to Internet hosts
access-list test_acl extended permit tcp any any eq ssh
! PPTP: control channel on TCP 1723, tunnel data in GRE
access-list test_acl extended permit tcp any any eq 1723
access-list test_acl extended permit gre any any
! IPsec: ESP, IKE (UDP 500) and NAT-T (UDP 4500)
access-list test_acl extended permit esp any any
access-list test_acl extended permit udp any any eq 500
access-list test_acl extended permit udp any any eq 4500
! Application port 5130
access-list test_acl extended permit tcp any any eq 5130
! Apply the ACL inbound on the inside interface
access-group test_acl in interface inside
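An added example, not part of the reply above and not Cisco code: a small Python model of first-match evaluation for this ACL, with the PPTP control port written as tcp/1723 (PPTP's control channel is TCP). It shows which inside-to-outside flows hit an explicit entry and which fall through to the implicit deny that ends every ASA interface ACL; the parser only handles the `any any [eq port]` form used here, and the sample flows are constructed.

```python
# Constructed model of ASA first-match ACL evaluation (illustrative only).
ACL = """\
access-list test_acl extended deny tcp any any eq 80
access-list test_acl extended deny tcp any any eq 8080
access-list test_acl extended permit tcp any any eq ssh
access-list test_acl extended permit tcp any any eq 1723
access-list test_acl extended permit gre any any
access-list test_acl extended permit esp any any
access-list test_acl extended permit udp any any eq 500
access-list test_acl extended permit udp any any eq 4500
access-list test_acl extended permit tcp any any eq 5130
"""
NAMED_PORTS = {"ssh": 22}  # only the port keyword this ACL uses


def parse(text):
    """Return [(action, proto, dst_port or None)] for 'any any [eq port]' entries."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended":
            continue  # skip blank lines, comments and other commands
        action, proto = tok[3], tok[4]
        if tok[5:7] != ["any", "any"]:
            raise ValueError(f"unsupported address spec: {line}")
        port = None  # None means the entry matches any port (or a portless protocol)
        if tok[7:8] == ["eq"]:
            port = NAMED_PORTS.get(tok[8]) or int(tok[8])
        rules.append((action, proto, port))
    return rules


def evaluate(rules, proto, dst_port=None):
    """First matching entry wins; no match falls through to the implicit deny."""
    for n, (action, r_proto, r_port) in enumerate(rules, 1):
        if r_proto == proto and (r_port is None or r_port == dst_port):
            return action, f"entry {n}"
    return "deny", "implicit deny"


RULES = parse(ACL)

if __name__ == "__main__":
    # Constructed sample flows: (protocol, destination port)
    for proto, port in [("tcp", 22), ("tcp", 80), ("tcp", 1723), ("gre", None),
                        ("udp", 4500), ("tcp", 5130), ("udp", 53), ("tcp", 443)]:
        print(f"{proto}/{port}: {evaluate(RULES, proto, port)}")
```

DNS (udp/53) and HTTPS (tcp/443) are dropped by the implicit deny, so any service the inside hosts still need must be permitted explicitly once this ACL is applied.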

Community Member

Re: ASA Help with ports

Many Thanks.

Is it possible to allow traffic from inside to outside with a bandwidth limit?

I need to allow socket application with 64K bandwidth limit.

256K allow limit for PPTP VPN from inside to outside.
