09-04-2018 10:30 AM - edited 02-21-2020 08:11 AM
Hello,
I have been trying to figure out how to block port 80 from outside my network to a specific server. I want to allow only port 8081 to be accessed. Currently, when I set up an access rule to block HTTP, it blocks all access to the server from outside the network coming in. Is it possible to block only port 80 and allow 8081, or block all ports and allow 8081? This is on a Cisco ASA 5545. Thanks in advance for any help.
09-04-2018 10:44 AM
Hi,
The example below should permit anybody on the internet to access the server on port 8081; this example uses static NAT. You'll need to amend the IP addresses and potentially the names of the interfaces (inside/outside) to fit your environment.
! Static PAT: real port 80 on the server is published as port 8081 on 1.1.1.10
object network SERVER
 host 192.168.250.2
 nat (INSIDE,OUTSIDE) static 1.1.1.10 service tcp 80 8081
! The ACL matches the real (inside) address and port, not the mapped ones
access-list OUTSIDE_IN permit tcp any host 192.168.250.2 eq 80
! Apply the ACL inbound on the outside interface
access-group OUTSIDE_IN in interface OUTSIDE
HTH
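The following is an added example, not part of the original post or Cisco code: a small Python model of how ASA 8.3 and later treats inbound connections against the configuration above (with the `tcp` keyword written out in the NAT `service` clause), undoing static PAT first and then checking the interface ACL against the real address and port. The parser only handles the command forms used in this thread, and the sample connections are constructed.

```python
# Configuration from the answer above, embedded so the example runs offline.
CONFIG = """\
object network SERVER
 host 192.168.250.2
 nat (INSIDE,OUTSIDE) static 1.1.1.10 service tcp 80 8081
access-list OUTSIDE_IN permit tcp any host 192.168.250.2 eq 80
access-group OUTSIDE_IN in interface OUTSIDE
"""

def parse(config):
    """Extract static PAT entries and 'any -> host IP eq PORT' ACL entries."""
    pat, acl, real_host = {}, [], None
    for line in config.splitlines():
        tok = line.split()
        if tok[:1] == ["host"]:
            real_host = tok[1]
        elif tok[:1] == ["nat"] and "static" in tok and "service" in tok:
            mapped_ip = tok[tok.index("static") + 1]
            # service <proto> <real_port> <mapped_port>
            proto, real_port, mapped_port = tok[tok.index("service") + 1:][:3]
            pat[(proto, mapped_ip, int(mapped_port))] = (real_host, int(real_port))
        elif tok[:1] == ["access-list"] and tok[4:6] == ["any", "host"]:
            # access-list NAME <action> <proto> any host <ip> eq <port>
            acl.append((tok[2], tok[3], tok[6], int(tok[8])))
    return pat, acl

def evaluate(config, proto, dst_ip, dst_port):
    """Verdict for a connection arriving on OUTSIDE: un-NAT first, then ACL."""
    pat, acl = parse(config)
    # No matching static PAT entry means the destination is left unchanged.
    real = pat.get((proto, dst_ip, dst_port), (dst_ip, dst_port))
    for action, a_proto, a_ip, a_port in acl:
        if (a_proto, a_ip, a_port) == (proto, *real):
            return action, real
    return "deny", real  # implicit deny at the end of every ASA ACL

if __name__ == "__main__":
    # Constructed sample connections from the internet to the mapped address.
    samples = [("tcp", "1.1.1.10", 8081), ("tcp", "1.1.1.10", 80),
               ("tcp", "1.1.1.10", 443), ("udp", "1.1.1.10", 8081)]
    for proto, ip, port in samples:
        verdict, (real_ip, real_port) = evaluate(CONFIG, proto, ip, port)
        print(f"{proto} {ip}:{port} -> {real_ip}:{real_port} {verdict}")
```

Only the connection to mapped port 8081 is untranslated to the server's real port 80 and permitted; a connection to port 80 on the mapped address matches no translation and falls through to the implicit deny.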
09-04-2018 02:09 PM
Thank you for the response. I will give it a shot. Much appreciated.