Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa firewall access list

Hi all, can anyone tell me why creating an access list allowing an ip subnet to another one through my firewall would not let me connect remotely to the pc, until I added the tcp port of the program in, I thought ip would of covered this ?

cheers

3 REPLIES
Green

Re: asa firewall access list

It does not function that way, ip is all encompassing. For instance if I had...

access-list 100 permit ip any any

I would not need

access-list 100 permit tcp any any eq 3389

Post the acl's you were using. Are you sure you had the acl applied?

New Member

Re: asa firewall access list

Hi

here are the acls, for some reason I have had to allow the port in to dial into the machine. It would not work without

access-list inside-vlan_access_in extended permit ip 172.16.0.0 255.255.0.0 any

access-list inside-vlan_access_in extended permit ip 172.24.0.0 255.255.0.0 any

access-list inside-vlan_access_in extended permit ip 172.23.0.0 255.255.0.0 any

access-list inside-vlan_access_in extended permit ip 172.17.0.0 255.255.0.0 any

New Member

Re: asa firewall access list

I have now sorted the issue, there was an incorrect mask on one of the entries

124
Views
0
Helpful
3
Replies