Solved

whitelist for Cisco 5505 using ASDM

Posted on 2012-03-11
4
1,981 Views
Last Modified: 2012-03-12
Hi,

We have about 50 ASA 5505's deployed and I need to add the following IP range to allow each site to be able to resolve.

IP Address Range using CIDR Notation
170.x.x.0/16

or

IP Address with Subnet Mask
170.x.0.0 / 255.255.0.0

Port 80 (HTTP)

Port 443 (HTTPS)

I would like to be able to do this remotely from corporate by using PC Anywhere (we are very spread out). I need specific instructions to add this through the GUI ASDM. I am not a network specialists so keep that in mind. If there is a wizard in the ASDM to do this that would be great.If it can't be done through the ASDM I will take a command line answer.

Right now ALL traffic is blocked in the ASA EXCEPT back to our corporate office via a VPN tunnel.

Thank you!
0
Comment
Question by:lilthrift
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:DIPRAJ
ID: 37708500
there is chance that i may not understand your query properly...
for setting up VPN ..better to create separate network for each and every location.
try to avoid same range IP address... even in a ADSL modem/router or may be in ILL/LL.

try to use ASDM 5.2 to get the configuration done.
0
 

Author Comment

by:lilthrift
ID: 37708505
I'm not trying to create a VPN. Just want to punch a hole in the firewall to the IP range above.
0
 
LVL 11

Accepted Solution

by:
DIPRAJ earned 500 total points
ID: 37708561
you want to add ip....i think you have to create NAT for that

after login to ASA5505----> go to device manager---->configuration--->just click on the firewall and then click on the NAT---->add static NAT rule.

create source and destination ip(means interface inside and interface outside) for to and fro.

one step by step configuration guide is given ...please take a help of it...

add ip -nat
0
 

Author Closing Comment

by:lilthrift
ID: 37710684
dipra,

you were close enough to get me what I needed although I ended up creating access rule instead of Nat rule.

Thanks for the help
0

Featured Post

Webinar May 25: Cloud Security Strategies for SMBs

Small and mid-sized businesses are a driving force behind cloud adoption, and it’s no wonder: cloud benefits are BIG.  But for all the convenience that moving to the cloud provides, where does security come into play?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
logon script 9 96
Need a "SonicWall" Replacement 12 57
Home firewall recommendations 11 107
Check Spoof email 6 71
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question