https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806027#M970931 <HTML><HEAD></HEAD><BODY><P>Check if you used the correct name in ACL.</P><P></P><P>Example</P><P></P><P>Your acl:</P><P></P><P>access-list outside_in extended permit tcp any host 1.2.3.4 eq 9000</P><P></P><P></P><P>Default acl name when you use the ASDM:</P><P></P><P>access-list outside_access_in extended permit tcp any host 1.2.3.4 eq 9000</P><P></P></BODY></HTML> Mon, 20 Aug 2007 18:07:16 GMT rigoberto.cintron 2007-08-20T18:07:16Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806023#M970927 <P>I am trying to configure an ASA5510 (v7.12) to allow an inbound connection over TCP port 9000. I have a web server on the inside that is listening on port 9000 (<A class="jive-link-custom" href="http://192.168.1.1:9000" target="_blank">http://192.168.1.1:9000</A>)</P><P></P><P>I have setup a static NAT:</P><P></P><P>static (inside,outside) 1.2.3.4 192.168.1.1 netmask 255.255.255.255</P><P></P><P>and the access rule:</P><P></P><P>access-list outside_in extended permit tcp any host 1.2.3.4 eq 9000</P><P></P><P>Clients on the inside can reach the web server, but those outside the firewall are getting an unable to connect error.</P><P></P><P>What am I missing? This should be really straighforward.</P> Mon, 11 Mar 2019 10:59:45 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806023#M970927 tom.brockman 2019-03-11T10:59:45Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806024#M970928 <HTML><HEAD></HEAD><BODY><P>Have u grouped the ACL in outside interface.Have u placed the route?</P></BODY></HTML> Mon, 20 Aug 2007 06:45:44 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806024#M970928 sureshkum 2007-08-20T06:45:44Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806025#M970929 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Check what sureshkum has stated ? also try this ...</P><P></P><P>access-list outside_in extended permit tcp any host 192.168.1.1 eq 9000 </P><P></P><P>Best thing is to check the logs to get clear picture of your peoblem..</P><P></P><P>logs will tell you if the problem is realted to NAT or access list.</P><P></P><P>HTH</P><P></P><P>rgds</P><P></P></BODY></HTML> Mon, 20 Aug 2007 09:44:51 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806025#M970929 rajatsetia 2007-08-20T09:44:51Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806026#M970930 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Do you have implemented same access-list on OUTSIDE interface?</P><P></P><P>NAT seems to be fine configured.</P><P></P><P></P><P>Ex:</P><P></P><P>access-group OUTSIDE_IN in interface outside</P><P></P><P></P><P>Regards,</P><P>Dharmesh Purohit</P></BODY></HTML> Mon, 20 Aug 2007 11:28:49 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806026#M970930 purohit_810 2007-08-20T11:28:49Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806027#M970931 <HTML><HEAD></HEAD><BODY><P>Check if you used the correct name in ACL.</P><P></P><P>Example</P><P></P><P>Your acl:</P><P></P><P>access-list outside_in extended permit tcp any host 1.2.3.4 eq 9000</P><P></P><P></P><P>Default acl name when you use the ASDM:</P><P></P><P>access-list outside_access_in extended permit tcp any host 1.2.3.4 eq 9000</P><P></P></BODY></HTML> Mon, 20 Aug 2007 18:07:16 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806027#M970931 rigoberto.cintron 2007-08-20T18:07:16Z https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806028#M970933 <HTML><HEAD></HEAD><BODY><P>I figured this out. It was an internal routing issue. Thanks for your help.</P></BODY></HTML> Mon, 20 Aug 2007 18:11:40 GMT https://community.cisco.com/t5/network-security/need-to-allow-inbound-connection-over-tcp-9000/m-p/806028#M970933 tom.brockman 2007-08-20T18:11:40Z