I need some help configuring downloadable ACLs on the ASA.
I have configured a downloadable ACL on the ASA as follows: permit tcp host 18.104.22.168 host 22.214.171.124 eq 80. I get authenticated successfully, but I get an error saying ACL authorization denied. The ACL gets downloaded on the ASA and I am able to browse the webpage on 126.96.36.199.
I am using telnet to authenticate. The access list for permitting telnet traffic on the outside interface is: access-l 101 permit tcp host 188.8.131.52 host 184.108.40.206 eq 23. I have used the per-user-override option in the access-group command: access-group 101 in int outside per-user-override.
My query is: can I permit a specific port number in the downloadable ACL? Also, why am I getting the authorization denied error?
The config guide of 7.2.2 mentions no usage of port numbers in the ACLs. Directly UDP or TCP or IP traffic is permitted / denied.
I think you can use port numbers on downloadable ACLs. The authorization denied message means that the access list check failed; either it matched a deny, or it matched nothing, such as an implicit deny. The following link may help you.
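The first-match and implicit-deny behaviour described in the reply above, as an added example that is not part of the original thread or Cisco's code. It assumes that with per-user-override the downloaded ACL is the list checked for the authenticated user's traffic; the addresses are constructed documentation-range placeholders and the parser handles only the entry form quoted in the question.

```python
# Added example: first-match ACL evaluation with an implicit deny at the end.
# Supports only: permit|deny tcp|udp|ip host <src> host <dst> [eq <port>]

def parse_ace(line):
    """Parse one access-list entry of the form used in the thread."""
    t = line.split()
    ok = (len(t) in (6, 8) and t[0] in ("permit", "deny")
          and t[1] in ("tcp", "udp", "ip") and t[2] == "host" and t[4] == "host")
    if not ok:
        raise ValueError(f"unsupported entry: {line!r}")
    port = None
    if len(t) == 8:
        if t[6] != "eq" or t[1] == "ip" or not t[7].isdigit():
            raise ValueError(f"unsupported port clause: {line!r}")
        port = int(t[7])
    return {"action": t[0], "proto": t[1], "src": t[3], "dst": t[5], "port": port}

def evaluate(acl_lines, proto, src, dst, dport):
    """Return (action, matching entry); falling off the end is an implicit deny."""
    for line in acl_lines:
        ace = parse_ace(line)
        if ace["proto"] not in ("ip", proto):
            continue
        if (ace["src"], ace["dst"]) != (src, dst):
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        return ace["action"], line
    return "deny", "implicit deny"

# Constructed sample data (not the addresses from the thread).
CLIENT, SERVER = "192.0.2.10", "198.51.100.20"
DOWNLOADED_ACL = [f"permit tcp host {CLIENT} host {SERVER} eq 80"]
INTERFACE_ACL = [f"permit tcp host {CLIENT} host {SERVER} eq 23"]

def check_flows(acl):
    """Evaluate an HTTP flow and a telnet flow against the given ACL."""
    flows = (("http", 80), ("telnet", 23))
    return {name: evaluate(acl, "tcp", CLIENT, SERVER, port) for name, port in flows}

if __name__ == "__main__":
    for label, acl in (("downloaded", DOWNLOADED_ACL), ("interface", INTERFACE_ACL)):
        for flow, (action, why) in check_flows(acl).items():
            print(f"{label:10} {flow:6} -> {action:6} ({why})")
```

Under the stated assumption, a downloaded list that permits only port 80 leaves the telnet flow with no matching entry, so it is refused by the implicit deny while the HTTP flow is permitted.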