cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
277
Views
0
Helpful
2
Replies

ASA ACLs

BHconsultants88
Level 1
Level 1

Hi guys, I hope someone can help. I need to do the following actions on the attached ASA

* Block all Internet from LAN

* Block all connections to 10.56.0.0 /16

* Block all connections to 10.57.0.0 /16

* Allow connections from LAN to 10.56.40.195/32, 10.56.40.196/32, 10.56.40.197/32, 10.56.40.198/32, 10.56.40.199/32, 10.56.40.200/32

Could someone help me out with how I should configure the ACLs?

Thank you :-)

2 Replies 2

Hi BHconsultants88@,

Can you let me know where 10.56.0.0/16 and 10.57.0.0/16 subnets are?

These are not directly connected to ASA and there is no route for these subnets.

Do you want to block internet access to  LAN ?

Do you want to block connections from LAN to 10.56.0.0/16 & 10.57.0.0/14?

Do you only want to allow traffic from LAN to the followin specific IP's 10.56.40.195/32, 10.56.40.196/32, 10.56.40.197/32, 10.56.40.198/32, 10.56.40.199/32, 10.56.40.200/32?

Spooster IT Services Team

Hi, thanks for the reply. The 10.56 and 10.57 networks are both in HQ. There's VPN tunnel config that's not in the attached, config - these subnets are connected via the tunnel

To clarify, this is what I need (slightly different to above)

Block internet from source 10.154.246.12

Allow Internet from rest of LAN

Block access to 10.56 and 10.57 networks from 10.154.246.12 host

Allow traffic from LAN to the followin specific IP's 10.56.40.195/32, 10.56.40.196/32, 10.56.40.197/32, 10.56.40.198/32, 10.56.40.199/32, 10.56.40.200/32?

Review Cisco Networking for a $25 gift card