topic packet-tracer input outside in Network Security https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534642#M235180 <P><CODE>packet-tracer input outside tcp 1.2.3.4 1234 PUBLIC-IP-OF-DATTO-DEVICE 22</CODE></P><P>"1.2.3.4 1234" is just a random source-ip and port.</P> Sun, 31 Aug 2014 21:21:10 GMT Karsten Iwen 2014-08-31T21:21:10Z Access List on ASA5505 https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534639#M235176 <P>Here is a current access list on an ASA that I mange:</P><P>&nbsp;</P><P>access-list outside_access_in_1 extended permit tcp any host 192.168.0.81 eq 7500<BR />access-list outside_access_in_1 extended permit object RDP any object FileServer<BR />access-list outside_access_in_1 extended permit tcp any host 192.168.0.81 eq 53827<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 3389<BR />access-list outside_access_in_1 extended permit tcp any host 192.168.0.81 eq 53828<BR />access-list outside_access_in_1 extended permit tcp any host 192.168.0.81 eq 53829<BR />access-list outside_access_in_1 extended permit tcp any host 192.168.0.81 eq 53830<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 53850<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 53810<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 53855<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq telnet<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 55443<BR />access-list outside_access_in_1 extended permit tcp any object New_Server eq 7500<BR /><STRONG>access-list outside_access_in_1 extended permit tcp any object DattoDevice eq ssh<BR />access-list outside_access_in_1 extended permit udp any object DattoDevice eq ntp<BR />access-list outside_access_in_1 extended permit icmp any object DattoDevice </STRONG></P><P>&nbsp;</P><P>I have highlighted the last three statements - are these correct?</P> Tue, 26 Mar 2019 00:53:45 GMT https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534639#M235176 Steven Couture 2019-03-26T00:53:45Z If you want to allow SSH/NTP https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534640#M235178 <P>If you want to allow SSH/NTP and ICMP to DattoDevice, then these ACEs are correct.</P> Sun, 31 Aug 2014 17:30:14 GMT https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534640#M235178 Karsten Iwen 2014-08-31T17:30:14Z Thank you.....can you tell me https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534641#M235179 <P>Thank you.....can you tell me how to test these using packet tracer in the ASDM?</P> Sun, 31 Aug 2014 21:12:09 GMT https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534641#M235179 Steven Couture 2014-08-31T21:12:09Z packet-tracer input outside https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534642#M235180 <P><CODE>packet-tracer input outside tcp 1.2.3.4 1234 PUBLIC-IP-OF-DATTO-DEVICE 22</CODE></P><P>"1.2.3.4 1234" is just a random source-ip and port.</P> Sun, 31 Aug 2014 21:21:10 GMT https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534642#M235180 Karsten Iwen 2014-08-31T21:21:10Z Thanks again -  https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534643#M235181 <P>Thanks again -</P><P>&nbsp;</P> Sun, 31 Aug 2014 22:15:26 GMT https://community.cisco.com/t5/network-security/access-list-on-asa5505/m-p/2534643#M235181 Steven Couture 2014-08-31T22:15:26Z