ASA block traffic when should be allowed.

JKOOP — Fri, 21 Feb 2020 17:19:00 GMT

I'm simply trying to access adsm and when doing show log I see that the traffic is getting block by an ACL. %ASA-3-710003: TCP access denied by ACL from 192.168.1.84/1092 to g0:192.168.1.180/443 %ASA-7-710005: TCP request discarded from 192.168.1.84/1092 to g0:192.168.1.180/443 So I then tried configuring an explicit rule to allow all( any any) to simply to access adsm. The issue still persists. The security-level is set to zero 0 on the interface, I've read that this should matter any more since an acl has been applied to the interface. The firewall rules. access-list OUTBOUND extended permit tcp host 192.168.1.84 host 192.168.1.180 access-list INBOUND extended permit tcp host 192.168.1.180 host 192.168.1.84 I've also tried applying these rules as well. access-list OUTBOUND extended permit tcp any4 any4 access-list INBOUND extended permit tcp any4 any4 access-group OUTBOUND out int g0 access-group INBOUND in int g0

Re: ASA block traffic when should be allowed.

Marvin Rhoads — Sat, 20 Jul 2019 12:29:22 GMT

Access to ASDM is controlled not by an ACL but by the "http" command.

Try:

http 0.0.0.0 0.0.0.0 inside

(or whatever interface you are trying to access from).

You can substitute a more specific subnet or even host address for the 0.0.0.0/0 example.

topic Re: ASA block traffic when should be allowed. in Network Security

ASA block traffic when should be allowed.

Re: ASA block traffic when should be allowed.