cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
497
Views
0
Helpful
2
Replies

ASA ACL Issues

michaelkimiti
Level 1
Level 1

Hey guys, have an asa question here. Was configuring an asa 5505 to limit users to only access only company resources and skype. I got skype working but the defined sites in the acl's aren't accessible. What am I doing wrong. Config file is attached

1 Accepted Solution

Accepted Solutions

Vibhor Amrodia
Cisco Employee
Cisco Employee

Hi,

I think if the websites that you are trying to allow are using this same IP address , then the ACL rule is created correctly.

I think most probably , the Websites are either using multiple IP addresses being resolved to the domain or is being redirected to a different IP.

I think what you can do is enable the ASDM debug logging and filter the logs when you try to access the Website and see which ip address is getting denied.

Thanks and Regards,

Vibhor Amrodia

 

View solution in original post

2 Replies 2

Vibhor Amrodia
Cisco Employee
Cisco Employee

Hi,

I think if the websites that you are trying to allow are using this same IP address , then the ACL rule is created correctly.

I think most probably , the Websites are either using multiple IP addresses being resolved to the domain or is being redirected to a different IP.

I think what you can do is enable the ASDM debug logging and filter the logs when you try to access the Website and see which ip address is getting denied.

Thanks and Regards,

Vibhor Amrodia

 

michaelkimiti
Level 1
Level 1

Thanks, after checking the logs I realized that I hadn't permitted dns servers on the ACL's.

I'm such a noob, lol

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: