07-26-2018 03:28 PM - edited 02-21-2020 08:01 AM
I set up a basic configuration on a 5540. After testing, it seems that the device is letting everything in: web traffic, IMAP (993), and several other things. I had intended to set up some access lists to allow certain things in from specific IP addresses (company corporate mail server), but I haven't done it yet. It seems everything is coming in anyway. The firewall is essentially doing nothing but address translation. I have PAT overload configured, nat (inside,outside) dynamic interface, since we only have one live IP address facing out to the world. Is this a side effect of using PAT that I am not aware of, that requires extra access lists/groups to block everything coming in?
07-26-2018 04:11 PM
Hello,
Could you post a copy of your configuration with passwords or other sensitive data redacted?
07-27-2018 06:53 AM
07-26-2018 04:44 PM
You will need to apply the access list to the interfaces. What have you configured?
07-27-2018 01:26 PM
show access-list
show run access-group
And packet-tracer should tell you exactly what is going on.
-A
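As an added example that is not part of any post in this thread, the configuration below shows what "apply the access list to the interface" and the packet-tracer check look like on an ASA running 8.3 or later. The addresses, object names and the ACL name are assumptions chosen for illustration: the inside mail server is 10.0.0.25, the single outside address is 198.51.100.1, and the corporate mail relay that is allowed in is 203.0.113.10. Note that with no ACL bound to the outside interface the ASA's default is to deny traffic from a lower security level to a higher one, so inbound connections that succeed usually mean an ACL is already applied that permits them, or the interfaces share a security level; packet-tracer reports which rule made the decision.

```cisco
! --- Inside host that should be reachable from outside (assumed address) ---
object network mail-server
 host 10.0.0.25
 ! Port-forward 993 on the shared outside address to the mail server.
 ! Plain dynamic PAT alone never creates an inbound mapping; this static
 ! object NAT does, and only for tcp/993.
 nat (inside,outside) static interface service tcp 993 993
!
! --- The only external source allowed to reach it (assumed address) ---
object network corp-mail-relay
 host 203.0.113.10
!
! --- Inbound policy for the outside interface ---
! ACLs on 8.3+ reference the real (untranslated) inside address.
access-list outside_in extended permit tcp object corp-mail-relay object mail-server eq 993
! Explicit deny with logging so blocked attempts show up in syslog.
access-list outside_in extended deny ip any any log
!
! Without this line the ACL exists but does nothing.
access-group outside_in in interface outside
!
! --- Verification ---
! Expected: ALLOW, with NAT translating 198.51.100.1:993 -> 10.0.0.25:993
packet-tracer input outside tcp 203.0.113.10 40000 198.51.100.1 993 detailed
! Expected: DROP by access-list outside_in (unlisted source)
packet-tracer input outside tcp 192.0.2.77 40000 198.51.100.1 993
! Expected: DROP (no NAT mapping and no permit for port 80)
packet-tracer input outside tcp 192.0.2.77 40000 198.51.100.1 80
!
! Hit counts confirm which line handled live traffic.
show access-list outside_in
show run access-group
```

The three packet-tracer runs are the test: the first should end in ALLOW, the other two in DROP, and the "Result" section names the phase (NAT or ACCESS-LIST) that decided each one. If the second or third run says ALLOW, look at the access-group output for a broader ACL already bound to outside, or at the security levels of the two interfaces.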
07-27-2018 01:54 PM
07-27-2018 02:28 PM
Hello,
Often I find a second set of eyes will expose something I have missed, which is why we are offering to take a look at the requested information above to answer your question.
If you are running ASA code, then you do have the packet-tracer command available.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/p1.html
Cheers,
-A