topic Re: Internet Browsing in Network Security

Internet Browsing

worldcalltel — Mon, 11 Mar 2019 10:43:43 GMT

I created an ACL to allow only port 80 on my workstations. But most of the time, i can not able to access some websites. What port/s that needs to be allowed. I know that the internet is using a dynamic ports. can someone advise me or give some recommendation.

Thanks

Re: Internet Browsing

srue — Wed, 11 Jul 2007 19:25:07 GMT

if your ACL is applied on the inside interface, you need an ACL similar to the following:

access-list inside_acl permit tcp any any eq 80

access-list inside_acl permit tcp any any eq 443

access-group inside_acl in interface inside

this will ONLY allow http and https...NOTHING else.

Re: Internet Browsing

worldcalltel — Wed, 11 Jul 2007 22:10:37 GMT

I am asking though i already set the port 80 on my acl, but when i tried to access the internet some of them won't go thru. I run some packet and port monitoring tools and it shows that there are a lot of dynamic ports involve in the internet. I don't want any restriction when browsing the internet. so i guess i just have to allowed all the protocol and ports.