Cisco Support Community

New Member

ASA5520 access-list configuration?

I have two asa5520s, version 7.2(2).

I have used an access-list for the firewall as:

access-list outside extended permit ip object-group mydomain any

access-list outside extended permit icmp object-group mydomain any

access-group outside in interface outside

I believe that all the IP traffic should be allowed from machine AA in the private network behind the inside interface to a machine BB in the public network (outside of the outside interface of the asa5520).

(private) AA->asa5520->BB (public)

However, it seems to work in most cases, but it does not work for certain ports.

telnet AA 80 -> it seems to be working fine

telnet AA 3816 -> it does not work.

When I do the packet trace on the asa5520, it said access-list not allowed.

Could anyone advise me what my configuration is missing? How do I correct this problem? And also, how can I see all the implicit rules which are set by default?

Any comments will be appreciated.

Thanks in advance

New Member

Re: ASA5520 access-list configuration?

Please upload/copy your config so we can see.