Solved

Allowing a range if IP addresses through an ASA using ASDM

Posted on 2013-06-18
2
342 Views
Last Modified: 2013-07-03
Hello Experts,
I’m sure this is a lame rookie question, but I’m a total Cisco ASA rookie, so I’m going to ask it any ways.  We have a Cisco 5520 at work.  Some users are trying to test new software and things are not working.  I have contacted the vendor and they have said we need to open five different ranges of IP addresses.  I don’t know how to do this.  I’m using the Cisco ASDM because I can’t seem to find any of the access rules in the Cisco cli.
Here is what I think I need to do (again, this is from within the ASDM (sorry about that)):
1.      Create a new network object group that contains the IP ranges that the vendor said I need to allow through our firewall
2.      Go to the Advanced ¿ ACL Manager
3.      Create a new rule in the from_out section where the source is the group I created in step 1 and the destination is any.

Does this sound about right?

As always,
Nick
0
Comment
Question by:ndalmolin_13
2 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39257188
The configuration all depends on how traffic will flow, and not just the endpoints. Try to draw us a picture if you could. Also add in who will start the conversations so for example the average user will communicate with the internet but people on the internet should never be able to directly connect to that user. Likewise, a web server might need general access to the internet AND allow random internet users to connect directly to it on ports 80 and 443.

This explanation will help us help you.
0
 
LVL 1

Author Comment

by:ndalmolin_13
ID: 39257304
We have users that are going to log into Skillsoft.com (which I believe is a web-based training site).  When they try to log in, the connection just stalls at the login screen.  I have contacted their support and sent them logs regarding our Java installation.  They have come back and asked that I open the following IP address on our firewall:

209.235.8.1 – 209.235.9.254
209.235.10.1 – 209.235.10.62
209.46.44.1 – 209.46.45.254
216.205.88.1 – 216.205.91.254
216.245.129.113 – 216.245.129.118


I hope this helps.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Air AP 6 42
DHCP on ASA 3 53
Cisco ASA 5505 Login issues 2 26
VTP / VLANs and Sub-Interfaces 4 30
Cisco Pix/ASA hairpinning The term, hairpinning, comes from the fact that the traffic comes from one source into a router or similar device, makes a U-turn, and goes back the same way it came. Visualize this and you will see something that looks …
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now