cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
653
Views
0
Helpful
2
Replies
Beginner

How to open 2 ranges of ports in a 5510

I'm new to Cisco and am unsure that the posts I've seen answer my question, so I thought I'd ask it directly:

We have a ASA5510 version 7.0(8); our public ip is 216.220.232.224

How can I open TCP ports 3230 - 3243 and UDP ports 3230 - 3285 for 192.168.0.225 for anyone in the outside world?

Would it be something like this in the CLI?

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: How to open 2 ranges of ports in a 5510

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

View solution in original post

2 REPLIES 2
Highlighted

Re: How to open 2 ranges of ports in a 5510

Hi,

Exactly.

But you only need this:

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Federico.

Highlighted

Re: How to open 2 ranges of ports in a 5510

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

View solution in original post