High range ports and ASA inspection ?
Posted on 2010-11-10
We have an ASA5505 with inside, dmz and outside interface. I cannot get outside connections to come in.
We normally allow outside traffic into the dmz like this: (ip addresses have been changed)
access-list outside-in extended permit tcp any host 22.214.171.124 eq 80
access-list outside-in extended permit tcp any host 126.96.36.199 range 60000 64999
static (dmz,outside) 188.8.131.52 10.10.10.12 netmask 255.255.255.255
All DMZ hosts have full access to anything (except internal network)
The issue we are having is, no traffic is hitting 10.10.10.12 from the outside. I even did a permit ip any host 184.108.40.206 and still nothing. If we access 220.127.116.11 from 18.104.22.168,(one of our own public IPs) it works. But no other outside users can access it