Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
180
Views
0
Helpful
2
Replies

Cisco 5510

PlaynetworkUK
Level 1
Level 1

‎03-26-2015 08:19 AM - edited ‎03-11-2019 10:42 PM

Hi

Interface INSIDE set to 100

Interface OUTSIDE set to 0

Application using port 11024 TCP/UDP is not going out.

Do I need to create a separate NAT statement?

I thought all ports are open going from High to low

Regards

Stan

Labels:
0 Helpful
2 Replies 2

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎03-26-2015 11:50 AM

Hi,

As oer the security level configured on the ASA device , the traffic should be allowed by default if you don't have any access group configured on the Inside interface.

You can verify the configuration using Packet Tracer:-

https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer

Thanks and Regards,

Vibhor Amrodia

0 Helpful

rizwanr74
Level 7
Level 7

‎03-26-2015 12:00 PM

If your "OUTSIDE" interface is facing the Internet, then naturally you need a dynamic-nat in place.

IP address space between Inside to outside is routable, then you need a permit line on the inside ACL, assuming you have an ACL for control access on the inside access.

 

thanks

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card