Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Limit traffic sourced from ASA

Hi All,

Please help me with how to limit traffic sourced from the ASA eg. I only want cop run tftp to work to one subnet where tftp servers lives.

Thanks, MH

3 REPLIES
New Member

Re: Limit traffic sourced from ASA

Hi,

To my knowlege there is no feature that does this on the ASA...most of the time, traffic destined towards the ASA would be limited/restricted:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/mgaccess.html#wp1042034

Why would you want to restrict traffic sourced from the ASA? (since it is initiated by the admin most of the time) If we understand the background of your requirement, we might be able to provide an alternative solution.

hth

New Member

Re: Limit traffic sourced from ASA

Hi Ivarn,

I understand your logic.

I thought it might be possible to restrict like on IOS an "access-class out" can be put on a vty to limit where it can go to.

Regards, MH

Re: Limit traffic sourced from ASA

Since the ASA is a security device it is not allowed to telnet/ssh to other systems. It can ftp/http for image downloads and send syslog, but that's about it (that I can think of off the top of my head).

105
Views
0
Helpful
3
Replies