Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Internet Browsing

I created an ACL to allow only port 80 on my workstations. But most of the time, i can not able to access some websites. What port/s that needs to be allowed. I know that the internet is using a dynamic ports. can someone advise me or give some recommendation.

Thanks

2 REPLIES
Gold

Re: Internet Browsing

if your ACL is applied on the inside interface, you need an ACL similar to the following:

access-list inside_acl permit tcp any any eq 80

access-list inside_acl permit tcp any any eq 443

access-group inside_acl in interface inside

this will ONLY allow http and https...NOTHING else.

New Member

Re: Internet Browsing

I am asking though i already set the port 80 on my acl, but when i tried to access the internet some of them won't go thru. I run some packet and port monitoring tools and it shows that there are a lot of dynamic ports involve in the internet. I don't want any restriction when browsing the internet. so i guess i just have to allowed all the protocol and ports.

126
Views
0
Helpful
2
Replies
CreatePlease to create content