?
Solved

How to set up access rules for the destination with a DHCP-assigned private address?

Posted on 2013-06-25
4
Medium Priority
?
429 Views
Last Modified: 2013-06-26
My company is going to set up an on-line direct check deposit to our bank. The bank sent us the following notice:
----------
In order to successfully connect to the Bank website, your company‘s firewall must allow
the following IP address and port numbers to be accessible.  Depending on your company‘s internet firewall settings, it may require some configuration changes.
IP address: 216.82.178.59  (the bank's IP address)
Port Numbers:  80 & 443
----------

We have a Cisco ASA 5510. Do you think it is necessary for us to set up ACL for the above purpose since the connection will be initiated by our Accounting user inside our LAN?
If yes, since our Accounting pc doesn't have a public IP address then how to set up ACL for the destination with a private DHCP-assigned address?
0
Comment
Question by:Castlewood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 29

Accepted Solution

by:
Jan Springer earned 800 total points
ID: 39276365
If the connection is originating from the inside to the outside and you do not have an access-list restricting the inside interface, then you shouldn't have to do anything.

Your accounting server should be allowed to NAT out the outside interface.
0
 
LVL 6

Assisted Solution

by:gcl_hk
gcl_hk earned 800 total points
ID: 39276883
If your Accounting PC is able to access any webpage by http and https currently, then no change require...
0
 
LVL 16

Assisted Solution

by:vivigatt
vivigatt earned 400 total points
ID: 39277878
TCP ports 80 and 443 are http and https, usually not filtered at all.
Thus if the IP address 216.82.178.59 is accessible from the desired client via http://216.82.178.59 and https://216.82.178.59 , nothing needs to be done.

Assigning firewall configs/rules by DHCP is not standard and I don't know any firewall that uses this mechanism, so it is very unlikely that this would be possible (and it would be very problematic on a security standpoint).
0
 

Author Closing Comment

by:Castlewood
ID: 39278165
Thank you guys so much.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question