1) access-list 8312_out is fine. It allows any host to connect to port 8312 on host x.x.x.x
You need to apply this on the inside interface ie.
access-group 8312_out in interface inside
2) access-list 8323_in just needs clarifying. This access-list at present allows host x.x.x.x to talk to any host internally on port 8323.
Is this what you want or do you want to allow the host x.x.x.x with a source port of 8323 to talk to any host on any port inside your network ( hopefully not)
Anyway you have applied this correctly on the right interface.
*** Every access-list has an implicit deny at the end. You need to be aware of this especially on your 8312_out access-list. if you apply as is on the inside interface you have effectivley stopped all outbound traffic except for traffic to host x.x.x.x on 8312 ***
You can just have one ACL on the outside interface. The flow from the inside interface to the outside is allowed by default so do not configure an ACL otherwise you need to define all inside to outside traffic rules.
You need also a static NAT or PAT to translate the outside PIX IP to the inside host.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :