Solved

whitelist for Cisco 5505 using ASDM

Posted on 2012-03-11
4
1,948 Views
Last Modified: 2012-03-12
Hi,

We have about 50 ASA 5505's deployed and I need to add the following IP range to allow each site to be able to resolve.

IP Address Range using CIDR Notation
170.x.x.0/16

or

IP Address with Subnet Mask
170.x.0.0 / 255.255.0.0

Port 80 (HTTP)

Port 443 (HTTPS)

I would like to be able to do this remotely from corporate by using PC Anywhere (we are very spread out). I need specific instructions to add this through the GUI ASDM. I am not a network specialists so keep that in mind. If there is a wizard in the ASDM to do this that would be great.If it can't be done through the ASDM I will take a command line answer.

Right now ALL traffic is blocked in the ASA EXCEPT back to our corporate office via a VPN tunnel.

Thank you!
0
Comment
Question by:lilthrift
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:DIPRAJ
ID: 37708500
there is chance that i may not understand your query properly...
for setting up VPN ..better to create separate network for each and every location.
try to avoid same range IP address... even in a ADSL modem/router or may be in ILL/LL.

try to use ASDM 5.2 to get the configuration done.
0
 

Author Comment

by:lilthrift
ID: 37708505
I'm not trying to create a VPN. Just want to punch a hole in the firewall to the IP range above.
0
 
LVL 11

Accepted Solution

by:
DIPRAJ earned 500 total points
ID: 37708561
you want to add ip....i think you have to create NAT for that

after login to ASA5505----> go to device manager---->configuration--->just click on the firewall and then click on the NAT---->add static NAT rule.

create source and destination ip(means interface inside and interface outside) for to and fro.

one step by step configuration guide is given ...please take a help of it...

add ip -nat
0
 

Author Closing Comment

by:lilthrift
ID: 37710684
dipra,

you were close enough to get me what I needed although I ended up creating access rule instead of Nat rule.

Thanks for the help
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question