Solved

How to set up access rules for the destination with a DHCP-assigned private address?

Posted on 2013-06-25
Last Modified: 2013-06-26
My company is going to set up an on-line direct check deposit to our bank. The bank sent us the following notice:
----------
In order to successfully connect to the Bank website, your company's firewall must allow
the following IP address and port numbers to be accessible. Depending on your company's internet firewall settings, it may require some configuration changes.
IP address: 216.82.178.59  (the bank's IP address)
Port Numbers:  80 & 443
----------

We have a Cisco ASA 5510. Do you think it is necessary for us to set up an ACL for the above purpose, since the connection will be initiated by our Accounting user inside our LAN?
If yes, since our Accounting PC doesn't have a public IP address, how do we set up an ACL for the destination with a private DHCP-assigned address?
Question by:Castlewood
4 Comments
 
Accepted Solution

by:
Jan Springer earned 200 total points
ID: 39276365
If the connection is originating from the inside to the outside and you do not have an access-list restricting the inside interface, then you shouldn't have to do anything.

Your accounting server should be allowed to NAT out the outside interface.
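
The check the accepted answer describes, as an added example that is not part of the original thread: it looks for an ACL bound inbound on the inside interface and, if one exists, evaluates it first-match for TCP to the bank's address on ports 80 and 443. The config excerpt, the ACL name `INSIDE_OUT` and the 192.168.10.0/24 inside subnet are constructed assumptions, and only simple ACEs (`any`, `host`, network plus mask, optional `eq`) are handled, with no object-groups or global ACLs.

```python
import ipaddress

# Constructed sample config, not from the thread; ACL name and subnet are assumptions.
SAMPLE_CONFIG = """\
access-list INSIDE_OUT extended deny tcp any any eq smtp
access-list INSIDE_OUT extended permit tcp 192.168.10.0 255.255.255.0 host 216.82.178.59 eq https
access-list INSIDE_OUT extended permit tcp 192.168.10.0 255.255.255.0 host 216.82.178.59 eq www
access-group INSIDE_OUT in interface inside
"""
PORT_NAMES = {"www": 80, "https": 443, "smtp": 25}  # names the ASA prints for these ports

def _port(p):
    """Map a port keyword or numeric string to an int (None if unknown)."""
    return PORT_NAMES.get(p, int(p) if p.isdigit() else None)

def _take_addr(tok):
    """Consume one address spec (any | host A | A MASK) from the token list."""
    first = tok.pop(0)
    if first in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tok.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tok.pop(0)}")

def inside_verdict(config, src, dst, port, ifname="inside"):
    """First-match verdict for a TCP flow entering interface `ifname`."""
    lines = [l.split() for l in config.splitlines() if l.strip()]
    bound = [t[1] for t in lines
             if t[0] == "access-group" and t[2:] == ["in", "interface", ifname]]
    if not bound:  # the case the accepted answer describes
        return "permit (no ACL bound inbound on this interface)"
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for t in lines:
        if t[:3] != ["access-list", bound[0], "extended"] or t[4] not in ("tcp", "ip"):
            continue  # remarks, other ACLs, and protocols that cannot match TCP
        rest = t[5:]
        s_net, d_net = _take_addr(rest), _take_addr(rest)
        if rest:
            if rest[0] != "eq":
                raise ValueError("unsupported ACE: " + " ".join(t))
            if _port(rest[1]) != port:
                continue
        if src in s_net and dst in d_net:
            return f"{t[3]} (matched: {' '.join(t)})"
    return f"deny (implicit deny at end of {bound[0]})"

if __name__ == "__main__":
    for p in (80, 443):
        print(p, inside_verdict(SAMPLE_CONFIG, "192.168.10.57", "216.82.178.59", p))
```

Because the permit entries in the sample match the whole inside subnet, the verdict does not depend on which DHCP lease the Accounting PC holds.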

Assisted Solution

by:gcl_hk
gcl_hk earned 200 total points
ID: 39276883
If your Accounting PC is currently able to access any webpage by HTTP and HTTPS, then no change is required...

Assisted Solution

by:vivigatt
vivigatt earned 100 total points
ID: 39277878
TCP ports 80 and 443 are http and https, usually not filtered at all.
Thus if the IP address 216.82.178.59 is accessible from the desired client via http://216.82.178.59 and https://216.82.178.59 , nothing needs to be done.

Assigning firewall configs/rules by DHCP is not standard and I don't know any firewall that uses this mechanism, so it is very unlikely that this would be possible (and it would be very problematic from a security standpoint).

Author Closing Comment

by:Castlewood
ID: 39278165
Thank you guys so much.