ACL not working in ASA 8.4

rehan_uet
Level 1

An ACL has been applied on the inside interface of the ASA 8.4 but it is not working. The aim of this list is to allow only a few hosts for outside access and deny the rest of the hosts for outside access. The syntax of the access list is

access-list ACL-Inside extended permit ip host 192.168.100.101 any

access-list ACL-Inside extended permit ip host 192.168.100.108 any

access-list ACL-Inside extended permit ip host 192.168.100.109 any

access-list ACL-Inside extended permit ip host 192.168.100.243 any

access-list ACL-Inside extended permit ip host 192.168.100.241 any

access-group ACL-Inside in interface inside

2 Replies

Maykol Rojas
Cisco Employee

Hello,

Can you run a packet tracer?

packet-tracer input inside tcp 192.168.100.241 1025 4.2.2.2 80

Send us the output.

Mike


siddhartham
Level 4

Did you configure the NAT statement for the inside hosts to be mapped to a public IP? The config below will NAT 192.168.100.0 -100.254 to the outside interface, and the access-list you defined only allows those hosts to go out.

object network Inside_Net
 subnet 192.168.100.0 255.255.255.0
 nat (inside,outside) dynamic interface

If you already did the above config, please send us the packet capture as Mike requested.

Siddhartha
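
As an added example (not part of the original thread and not Cisco code): a minimal Python model of how the ACL from the question is evaluated on the inside interface, where the first matching entry wins and anything unmatched hits the implicit deny that ends every ASA access list. It models the ACL only, not NAT; it understands just the `any`, `host A` and `NET MASK` address forms with no ports or object groups, and the function names are hypothetical.

```python
import ipaddress

# ACL lines copied from the question above.
ACL_TEXT = """\
access-list ACL-Inside extended permit ip host 192.168.100.101 any
access-list ACL-Inside extended permit ip host 192.168.100.108 any
access-list ACL-Inside extended permit ip host 192.168.100.109 any
access-list ACL-Inside extended permit ip host 192.168.100.243 any
access-list ACL-Inside extended permit ip host 192.168.100.241 any
"""

def parse_addr(tokens):
    """Consume one address spec (any | host A | NET MASK); return (network, rest)."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def parse_acl(text):
    """Return (action, protocol, src_net, dst_net) tuples in configured order."""
    entries = []
    for line in text.splitlines():
        t = line.split()
        # Only 'access-list NAME extended ACTION PROTO SRC DST' lines are modelled.
        if len(t) < 7 or t[0] != "access-list" or t[2] != "extended":
            continue
        action, proto = t[3], t[4]
        src, rest = parse_addr(t[5:])
        dst, _ = parse_addr(rest)
        entries.append((action, proto, src, dst))
    return entries

def evaluate(entries, proto, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, e_proto, src_net, dst_net in entries:
        # The 'ip' keyword matches any IP protocol (tcp, udp, icmp, ...).
        if e_proto in ("ip", proto) and s in src_net and d in dst_net:
            return action
    return "deny"  # implicit deny at the end of the access list

if __name__ == "__main__":
    acl = parse_acl(ACL_TEXT)
    # Constructed test flows: one listed host, one unlisted host in the same subnet.
    for host in ("192.168.100.241", "192.168.100.50"):
        print(host, "->", evaluate(acl, "tcp", host, "4.2.2.2"))
```
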