Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to set up access rules for the destination with a DHCP-assigned private address?

Posted on 2013-06-25
4
415 Views
Last Modified: 2013-06-26
My company is going to set up an on-line direct check deposit to our bank. The bank sent us the following notice:
----------
In order to successfully connect to the Bank website, your company‘s firewall must allow
the following IP address and port numbers to be accessible.  Depending on your company‘s internet firewall settings, it may require some configuration changes.
IP address: 216.82.178.59  (the bank's IP address)
Port Numbers:  80 & 443
----------

We have a Cisco ASA 5510. Do you think it is necessary for us to set up ACL for the above purpose since the connection will be initiated by our Accounting user inside our LAN?
If yes, since our Accounting pc doesn't have a public IP address then how to set up ACL for the destination with a private DHCP-assigned address?
0
Comment
Question by:Castlewood
4 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 200 total points
ID: 39276365
If the connection is originating from the inside to the outside and you do not have an access-list restricting the inside interface, then you shouldn't have to do anything.

Your accounting server should be allowed to NAT out the outside interface.
0
 
LVL 6

Assisted Solution

by:gcl_hk
gcl_hk earned 200 total points
ID: 39276883
If your Accounting PC is able to access any webpage by http and https currently, then no change require...
0
 
LVL 16

Assisted Solution

by:vivigatt
vivigatt earned 100 total points
ID: 39277878
TCP ports 80 and 443 are http and https, usually not filtered at all.
Thus if the IP address 216.82.178.59 is accessible from the desired client via http://216.82.178.59 and https://216.82.178.59 , nothing needs to be done.

Assigning firewall configs/rules by DHCP is not standard and I don't know any firewall that uses this mechanism, so it is very unlikely that this would be possible (and it would be very problematic on a security standpoint).
0
 

Author Closing Comment

by:Castlewood
ID: 39278165
Thank you guys so much.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question