Solved

configure asa 5510 firewall for websense remote client filtering

Posted on 2009-04-06
2
682 Views
Last Modified: 2012-05-06
Trying to set up my firewall to allow remote client filtering with websense.  I already have a websense filter server for all of my internal clients running successfully on my 'inside' network.  I have installed a remote filtering server in my dmz that will be used to provide websense service for my laptop users who venture outside the network.  The remote server needs to communicate with the internal websense (policy) server.  I have been able to configure the firewall to allow my policy server to communicate via ping and remote desktop with the remote server in the dmz.  I am supposed to open up some ports that allows the remote server to communicate back with the policy server, for example tcp 55806, however I haven't been able to figure out where or how on my firewall I need to make this setting.  The specific instruction for this port is to "enable communication FROM remote filtering server (in dmz) to policy server (internal)."  My firewall experience, especially dmz configuration, is obviously novice.  Hopefully I have provided enough information and appreciate any guidance.
0
Comment
Question by:rick13175
2 Comments
 
LVL 5

Accepted Solution

by:
andrewis earned 500 total points
ID: 24079853
Because this traffic will be flowing from a lower to higher security level you will need an ACL permitting this traffic.

There is probably already an ACL configured on your DMZ interface.

Look in the configuration for an access-group command

access-group aclname in interface DMZ

Once you have established the name of the ACL you can add the entry that will allow the traffic to flow.

conf t
access-list aclname line 1 permit tcp sourceIP destinationIP eq 55806



0
 

Author Closing Comment

by:rick13175
ID: 31567143
Thank you very much--this was just the ticket I needed to get into the ball park.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
palo alto VM series in AWS 3 91
Cisco ASA Restarted Suddenly 11 79
ASE reports it as spam 2 123
Firewall report connections 8 23
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now