Solved

Cisco ASA information needed

Posted on 2014-01-26
6
285 Views
Last Modified: 2014-02-04
How can  you permit traffic to specific host  on another interface  if you have configured deny all traffic from one  interface to another   meaning between two  network /24 .

 Is it necessary to setup an except rule  between two interfaces?
0
Comment
Question by:renegadecy
  • 3
  • 2
6 Comments
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
I would think a permit rule for that requirement could be created and placed immediately above the deny.
0
 

Author Comment

by:renegadecy
Comment Utility
have done that and it doent work...
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
If you remove the deny, and only have that rule does it work?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:renegadecy
Comment Utility
due to security policy I cannot remove the deny
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
It's implicitly denied.
0
 
LVL 8

Accepted Solution

by:
amatson78 earned 500 total points
Comment Utility
What level is the allow, meaning on the ACL is it higher then any of the denys? What do the logs show on the ASA when you create the rule and test it. It should give a reason denied. Also is their routes/NATs setup for the two subnets to talk?
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now