Firewall Access Rules Configuration

Derek McCormick
Level 1

Hi

I am running software version 8.2.1 on an ASA 5520.

My inside network is 10.10.254.250 /24

My outside interface is 193.120.10.142

and I have a VPN pool of 192.168.253.1 - 15

I am trying to configure firewall access rules to allow traffic from the outside into the inside network, and also when I am connected via the VPN (192.168.253.x) network to the inside network. My NAT config is working OK. Just wondering if anyone has a working configuration for this.

My background is Cisco voice, so I don't know firewalls that well.

Thanks,
Derek

 

1 Reply

rvarelac
Level 7

Hi

Here is the config for your firewall.

To allow outside traffic:

access-list name extended permit ip (host IP or net range you want to allow) any

!! This will create the access list !!

access-group name in interface (outside interface name)

!! This will apply the access-list to the interface !!

Example

access-list OUTSIDE-TRAFFIC extended permit ip 172.20.20.0 255.255.255.0 any

access-group OUTSIDE-TRAFFIC in interface outside

FYI, you can write access lists to allow / deny specific protocols or services such as ping, telnet, etc., or filter any port you want.

Regards,
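The rules discussed in this thread written out in ASA 8.2 syntax, as an added example that is not part of either post or of the poster's running configuration. The inside network, outside address, VPN pool and the 172.20.20.0/24 source come from the thread; the inside server 10.10.254.10, the HTTPS service, the static PAT line and the names OUTSIDE-IN, NONAT, VPN-FILTER and VPN-POLICY are assumptions.

```cisco
! --- Outside to inside -------------------------------------------------
! Assumption: the working NAT publishes one inside server (10.10.254.10,
! hypothetical) on the outside interface address for HTTPS only.
static (inside,outside) tcp interface https 10.10.254.10 https netmask 255.255.255.255

! On 8.2 (pre-8.3) an outside ACL matches the translated (public) address.
! Permit only the published service from the known source range instead of
! "permit ip <source> any", then log everything else that is dropped.
access-list OUTSIDE-IN extended permit tcp 172.20.20.0 255.255.255.0 host 193.120.10.142 eq https
access-list OUTSIDE-IN extended deny ip any any log
access-group OUTSIDE-IN in interface outside

! --- VPN pool to inside ------------------------------------------------
! 192.168.253.1 - 15 fits in 192.168.253.0/28 (mask 255.255.255.240).
! Exempt inside <-> pool traffic from NAT so replies reach the VPN client.
access-list NONAT extended permit ip 10.10.254.0 255.255.255.0 192.168.253.0 255.255.255.240
nat (inside) 0 access-list NONAT

! Default behaviour: decrypted VPN traffic bypasses interface ACLs, so the
! OUTSIDE-IN list above does not need an entry for the pool.
sysopt connection permit-vpn

! To restrict what VPN users can reach, attach a filter to the group policy.
! A vpn-filter ACL is written remote (pool) first, then local (inside).
access-list VPN-FILTER extended permit ip 192.168.253.0 255.255.255.240 10.10.254.0 255.255.255.0
group-policy VPN-POLICY internal
group-policy VPN-POLICY attributes
 vpn-filter value VPN-FILTER
```

After applying, `show access-list OUTSIDE-IN` lists per-entry hit counts, which confirms whether traffic is matching the permit line or falling through to the logged deny.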

 
