Solved

Allowing a range if IP addresses through an ASA using ASDM

Posted on 2013-06-18
2
364 Views
Last Modified: 2013-07-03
Hello Experts,
I’m sure this is a lame rookie question, but I’m a total Cisco ASA rookie, so I’m going to ask it any ways.  We have a Cisco 5520 at work.  Some users are trying to test new software and things are not working.  I have contacted the vendor and they have said we need to open five different ranges of IP addresses.  I don’t know how to do this.  I’m using the Cisco ASDM because I can’t seem to find any of the access rules in the Cisco cli.
Here is what I think I need to do (again, this is from within the ASDM (sorry about that)):
1.      Create a new network object group that contains the IP ranges that the vendor said I need to allow through our firewall
2.      Go to the Advanced ¿ ACL Manager
3.      Create a new rule in the from_out section where the source is the group I created in step 1 and the destination is any.

Does this sound about right?

As always,
Nick
0
Comment
Question by:ndalmolin_13
2 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39257188
The configuration all depends on how traffic will flow, and not just the endpoints. Try to draw us a picture if you could. Also add in who will start the conversations so for example the average user will communicate with the internet but people on the internet should never be able to directly connect to that user. Likewise, a web server might need general access to the internet AND allow random internet users to connect directly to it on ports 80 and 443.

This explanation will help us help you.
0
 
LVL 1

Author Comment

by:ndalmolin_13
ID: 39257304
We have users that are going to log into Skillsoft.com (which I believe is a web-based training site).  When they try to log in, the connection just stalls at the login screen.  I have contacted their support and sent them logs regarding our Java installation.  They have come back and asked that I open the following IP address on our firewall:

209.235.8.1 – 209.235.9.254
209.235.10.1 – 209.235.10.62
209.46.44.1 – 209.46.45.254
216.205.88.1 – 216.205.91.254
216.245.129.113 – 216.245.129.118


I hope this helps.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Boosting Power of a Cisco Access Point 8 83
Cisco  3750E switches 1 37
Cisco Prime 2.2 7 60
CISCO wireless controller & AP 2 32
This is about downgrading PIX Version 8.0(4) & ASDM 6.1(5) to PIX 7.2(4) and ASDM 5.2(4) but with only 64MB RAM and 16MB flash. Background: You have a Cisco Pix 515E which was running on PIX 7.2(4) and its supporting ASDM 5.2(4) without any i…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question