ACL on Cisco IOS
Posted on 2006-06-20
I need to implement an ACL on our Cisco 2821 router. This router controls connectivity to our web server. We have several domains hosted here, and a few of which make outbound Web Requests (for a web services-like transactions). So because of the nature of the HTTP protocol, I'm unsure of how to implement the ACL in order to allow outbound traffic from the web server out to other sites. The code on our web portals makes these web requests out to other URL's.
So when outbound requests are made, they come from a random port on the senders machine, and port 80 on the destination machine. How can I enable a safe ACL on our router when the outbound requests leave from random ports? Is there some way that I can force these outbound requests on the web server to always use some arbitrary port on our web server that I specify?
Hope this makes sense, please help! We need to lock down the web server soon since we have had some un-friendly intruders.