Solved

Allowing a range if IP addresses through an ASA using ASDM

Posted on 2013-06-18
2
371 Views
Last Modified: 2013-07-03
Hello Experts,
I’m sure this is a lame rookie question, but I’m a total Cisco ASA rookie, so I’m going to ask it any ways.  We have a Cisco 5520 at work.  Some users are trying to test new software and things are not working.  I have contacted the vendor and they have said we need to open five different ranges of IP addresses.  I don’t know how to do this.  I’m using the Cisco ASDM because I can’t seem to find any of the access rules in the Cisco cli.
Here is what I think I need to do (again, this is from within the ASDM (sorry about that)):
1.      Create a new network object group that contains the IP ranges that the vendor said I need to allow through our firewall
2.      Go to the Advanced ¿ ACL Manager
3.      Create a new rule in the from_out section where the source is the group I created in step 1 and the destination is any.

Does this sound about right?

As always,
Nick
0
Comment
Question by:ndalmolin_13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39257188
The configuration all depends on how traffic will flow, and not just the endpoints. Try to draw us a picture if you could. Also add in who will start the conversations so for example the average user will communicate with the internet but people on the internet should never be able to directly connect to that user. Likewise, a web server might need general access to the internet AND allow random internet users to connect directly to it on ports 80 and 443.

This explanation will help us help you.
0
 
LVL 1

Author Comment

by:ndalmolin_13
ID: 39257304
We have users that are going to log into Skillsoft.com (which I believe is a web-based training site).  When they try to log in, the connection just stalls at the login screen.  I have contacted their support and sent them logs regarding our Java installation.  They have come back and asked that I open the following IP address on our firewall:

209.235.8.1 – 209.235.9.254
209.235.10.1 – 209.235.10.62
209.46.44.1 – 209.46.45.254
216.205.88.1 – 216.205.91.254
216.245.129.113 – 216.245.129.118


I hope this helps.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question