Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Please review my config

Please let me know if my config is valid. Sorry i don't have visio's but from what you see, syntex , etc..does it look ok? do you see any problems with this. attached is the complete config for the ASA

Web Site Piece (External)

access-list acl_inside permit tcp any host 64.213.103.14 eq www

access-list acl_inside permit tcp any host 64.213.103.20 eq www

access-list acl_inside permit tcp any host 64.213.103.20 eq https

access-list acl_inside permit tcp any host 64.213.103.15 eq www

access-list acl_inside permit tcp any host 64.213.103.22 eq www

access-list acl_inside permit tcp any host 64.213.103.22 eq https

access-list acl_inside permit tcp any host 64.213.103.23 eq www

access-list acl_inside permit tcp any host 64.213.103.23 eq https

access-list acl_inside permit tcp any host 64.213.103.24 eq www

access-list acl_inside permit tcp any host 64.213.103.24 eq https

access-list acl_inside permit tcp any host 64.213.103.8 eq www

static (dmz,outside) 64.213.103.14 192.168.9.21 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.20 192.168.9.100 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.15 192.168.9.200 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.22 192.168.9.22 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.23 192.168.9.23 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.24 192.168.9.24 netmask 255.255.255.255 0 0

static (dmz,outside) 64.213.103.8 192.168.9.8 netmask 255.255.255.255 0 0

SQL Piece (VPN)

static (inside,dmz) 192.168.9.16 192.168.11.16 netmask 255.255.255.255 0 0

static (inside,dmz) 192.168.9.30 192.168.10.12 netmask 255.255.255.255 0 0

conduit permit tcp host 192.168.9.16 eq www any

conduit permit tcp host 192.168.9.16 eq 1433 any

conduit permit tcp host 192.168.9.16 eq 1434 any

conduit permit tcp host 192.168.9.30 eq 445 any

conduit permit udp host 192.168.9.30 eq 445 any

conduit permit tcp host 192.168.9.30 eq 3572 any

conduit permit udp host 192.168.9.30 eq 3572 any

conduit permit tcp host 192.168.9.30 eq domain any

conduit permit tcp host 192.168.9.30 eq ftp any

conduit permit tcp host 192.168.9.30 eq netbios-ssn any

conduit permit udp host 192.168.9.30 eq 139 any

157
Views
0
Helpful
0
Replies