CISCO NOT SECURE !! LETTING NETWORKS OPEN UP NOT HAPPY!!

ok

I have an ASA 5506x router set up with various vlans

I have various PCs on the vlans and an outside connection

I have set up NAT for various services

and set up the firewall access lists to prevent communication to different vlans unless I enable the rules to allow communications

but I am having a real strange thing happening

I have disabled the firewall access rules to stop vlan1 talking to vlan 7 and stop vlan 7 talking to vlan1

when these rules are enabled it stops me pinging to that network and it stops FTP access to that network/vlan

BUT !!!

if I type \\10.10.2.31 from my vlan 1 network... I can access shares on my DMZ vlan7 server ???

likewise if I type \\192.168.1.31 from my DMZ Server (vlan7) I can access my server on my 192.168.1.31 server

what is going on? how can these networks communicate with each other when the access list is disabled?

to block each vlan in the access list I am using IP deny / allow, is this correct? if the default is block for each vlan, surely unless I allow it, it should block access across each vlan

any help will be much appreciated

regards John

Annotation 2020-09-22 225741.jpg 
