https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736566#M534330 <P>Hello,</P><P></P><P>Our company has recently upgraded our firewall from a Borderware Steelgate v7.1 platform to a Cisco ASA 5520 platform.&nbsp; Needless to say the interface on the Cisco platform is much more complex and I don't have much experience working with firewalls (so, please take it easy on me).&nbsp; Our other IT guy is out of town and this is the first time I have worked on this setup.&nbsp; </P><P></P><P>I need to create the following access rule</P><P></P><P>I need to open port 4**0 to be allowed through the firewall from external ip address 10.XXX.XX.XXX only. Then forward port 4**0 to 10.XX.XX.XX port 80 tcp</P><P></P><P>Not sure on how to create these access rules, any help would be greatly appreciated, such as instructions on how to create the rules.</P> Mon, 11 Mar 2019 21:07:07 GMT chrisjmolloy 2019-03-11T21:07:07Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736566#M534330 <P>Hello,</P><P></P><P>Our company has recently upgraded our firewall from a Borderware Steelgate v7.1 platform to a Cisco ASA 5520 platform.&nbsp; Needless to say the interface on the Cisco platform is much more complex and I don't have much experience working with firewalls (so, please take it easy on me).&nbsp; Our other IT guy is out of town and this is the first time I have worked on this setup.&nbsp; </P><P></P><P>I need to create the following access rule</P><P></P><P>I need to open port 4**0 to be allowed through the firewall from external ip address 10.XXX.XX.XXX only. Then forward port 4**0 to 10.XX.XX.XX port 80 tcp</P><P></P><P>Not sure on how to create these access rules, any help would be greatly appreciated, such as instructions on how to create the rules.</P> Mon, 11 Mar 2019 21:07:07 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736566#M534330 chrisjmolloy 2019-03-11T21:07:07Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736567#M534335 <HTML><HEAD></HEAD><BODY><P> Chris-</P><P></P><P>Check out this article, I think it will help. If not please let us know.</P><P></P><P><A _jive_internal="true" href="https://community.cisco.com/docs/DOC-16848">https://supportforums.cisco.com/docs/DOC-16848</A></P></BODY></HTML> Wed, 03 Aug 2011 15:24:28 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736567#M534335 Collin Clark 2011-08-03T15:24:28Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736568#M534340 <HTML><HEAD></HEAD><BODY><P>Hi Collin,</P><P></P><P>You would need the following:</P><P></P><P>static (inside,outside) tcp 10.xxx.xxx.xxx.xxx 4**0 10.xx.xx.xx 80</P><P></P><P>access-list outside_access_in permit tcp any host 10.xxx.xxx.xxx eq 4**0</P><P>access-group outside_access_in in interface outside</P><P></P><P>where inside would be your lan interface and outside is your external interafce.</P><P></P><P>Let me know if you face any issues.</P><P></P><P>Hope this helps,</P><P></P><P>Thanks,</P><P>Varun</P></BODY></HTML> Wed, 03 Aug 2011 15:28:35 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736568#M534340 varrao 2011-08-03T15:28:35Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736569#M534347 <HTML><HEAD></HEAD><BODY><P>Hi Varun,</P><P></P><P>I appreciate your response and patience.&nbsp; I just need a little more help when it comes to this as I really unsure with this interface.</P><P></P><P>Hopefully we can break this down together.</P><P></P><P>first comment </P><P>static (inside,outside) tcp 10.xxx.xxx.xxx.xxx 4**0 10.xx.xx.xx 80.&nbsp; Where do I go to create this.&nbsp; Do I add an access rule, create a netwok object</P><P></P><P></P><P>Once I get the first part figured out wil lgo to the access list outsie access comment.&nbsp; Next, Although I think that is where i need to create the rule.&nbsp; Please advise.</P></BODY></HTML> Wed, 03 Aug 2011 16:17:36 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736569#M534347 chrisjmolloy 2011-08-03T16:17:36Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736570#M534352 <HTML><HEAD></HEAD><BODY><P>Do you mean create a Static NAT rule first and then create the access rule?</P></BODY></HTML> Wed, 03 Aug 2011 16:34:54 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736570#M534352 chrisjmolloy 2011-08-03T16:34:54Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736571#M534356 <HTML><HEAD></HEAD><BODY><P>Hi Chris,</P><P></P><P>Could you provide me the configuration that you currently have on your ASA, moreover can you tell me the version of ASA softwrae that you are using?</P><P>You need to enter this command in the CLI , in config mode.</P><P></P><P>Thanks,</P><P>Varun</P></BODY></HTML> Wed, 03 Aug 2011 17:46:56 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736571#M534356 varrao 2011-08-03T17:46:56Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736572#M534361 <HTML><HEAD></HEAD><BODY><P><IMG src="http://supportforums.cisco.com/sites/default/files/legacy/1/5/2/55251-Untitled.png" class="jive-image" /></P></BODY></HTML> Wed, 03 Aug 2011 17:59:14 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736572#M534361 chrisjmolloy 2011-08-03T17:59:14Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736573#M534366 <HTML><HEAD></HEAD><BODY><P>can you provide your config as well??</P><P></P><P>-Varun</P></BODY></HTML> Wed, 03 Aug 2011 18:12:46 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736573#M534366 varrao 2011-08-03T18:12:46Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736574#M534371 <HTML><HEAD></HEAD><BODY><P>this may sound bad but how do i get the config info for you?</P></BODY></HTML> Wed, 03 Aug 2011 18:19:28 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736574#M534371 chrisjmolloy 2011-08-03T18:19:28Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736575#M534377 <HTML><HEAD></HEAD><BODY><P>go to tools on the top of the window and then CLI interface, and then type in "show run" and then send the comnmand, copy the output.</P><P></P><P>Thanks,</P><P>Varun</P></BODY></HTML> Wed, 03 Aug 2011 18:23:56 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736575#M534377 varrao 2011-08-03T18:23:56Z https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736576#M534381 <HTML><HEAD></HEAD><BODY><P>I appreciate the help but the issue has been figured out with your first response. Thanks again.</P></BODY></HTML> Wed, 03 Aug 2011 18:43:59 GMT https://community.cisco.com/t5/network-security/help-creating-access-rules-on-cisco-asa-5520-platform/m-p/1736576#M534381 chrisjmolloy 2011-08-03T18:43:59Z