10-17-2010 11:56 PM - edited 03-11-2019 11:55 AM
Dear All,
Please share with me which command need to configure in Cisco ASA 5510 for full internet access.Actually customer has cisco ASA 5510 with CSC-SSM module but he want to give full internet access of Mgmt level users.
For your reference please find the running configuration file.
Regards,
Pushpendra
10-18-2010 02:05 AM
the way it is setup i cannot see how firewall is blocking any request from the internal users, everything seems to be open for inside users
are you concerned about any particular traffic, is anything affected right now
10-18-2010 02:21 AM
Actually all of traffic goes outside through CSS-SSM module.Which is filtering website which site is required to open for user which is not,But Some mgmt user want to full internet access. so please suggest me procedure of open all site perticular IP.
10-18-2010 03:26 AM
so what exactly is the requirement here
do you want to stop processing traffic through the module or do you want to allow everything for traffic through the module
if you want to allow everything then do not send the traffic throiugh the module
use the following command this will stop sending traffic through the CSC SSM module
policy-map global_policy
no class global-class
10-18-2010 04:22 AM
Sir i want to particular some IP who will access full internet means everything which is he want to open site and rest of users will be go through CSC-SSM.have any option in ASA that mgmt user will not go through CSC-SSM but rest of user will be go the CSC-SSM.
10-18-2010 06:07 AM
then make 2 networks
you can give one network as managment network and the other for rest of the users
eg: 10.1.0.0 /24 management
10.1.1.0 / 24 rest of the users
and pass only 10.1.1.0 network through the csc ssm
you are using this acl to identify traffic for csc ssm
access-list global_mpc extended permit ip any any
removce ip any any and add 10.1.1.0 255.255.255.0 any
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: