08-19-2011 07:05 AM - edited 03-11-2019 02:14 PM
HI ,
I want to give sVN access to a remote client. So I need to give access only his IP. Please suggest what will be the access list..
Thanks
Amardeep
Solved! Go to Solution.
08-19-2011 07:08 AM
Hi Amardeep,
You should provide some ip addresses, that needs to be accessed(you can modify them), and also the interface from where the traffic would be hitting the firewall, but just for your reference:
access-list inside_access_in extended permit tcp host
access-group inside_access_in in interface outside (if the traffic is coming from outside interface)
Hope this helps.
Thanks,
Varun
Please rate the post if helpful
08-19-2011 07:08 AM
Hi Amardeep,
You should provide some ip addresses, that needs to be accessed(you can modify them), and also the interface from where the traffic would be hitting the firewall, but just for your reference:
access-list inside_access_in extended permit tcp host
access-group inside_access_in in interface outside (if the traffic is coming from outside interface)
Hope this helps.
Thanks,
Varun
Please rate the post if helpful
08-19-2011 07:12 AM
Here's a command reference for you:
http://www.cisco.com/en/US/customer/docs/security/asa/asa82/command/reference/a1.html#wp1559450
Thanks,
Varun
08-19-2011 09:15 AM
Hi Varun,
I tried it but not able to access port. but this is not working for me, But when I create it for any any. I am able to access it.
Thanks
08-19-2011 09:22 AM
Hi Amar,
As I told you kindly provide me the output of the access-list that you created, what is the source ip from where the request would be coming and what is the destination that you are accessing. What port are you opening?
Can you provide an output of show tech from your ASA??
-Varun
08-19-2011 09:55 AM
HI
Here are the details
I want to give access of my svn server.
access-list 10 extended permit tcp host
access-group 10 in interface outside
Thanks
08-19-2011 10:02 AM
Hi Amar,
The access-list looks good, but is the server ip a public ip that you are using or are you using a private ip.
What is the ASA software version that you are using?? Do you have a static nat translation for it on the ASA??
You can check the software version with the command "show version" and the static by "show run static"
If you want to know, if your acl is working, do:
show access-list 10
This would give you the hitcount, if it is 0, it means it is not working.
Thanks,
Varun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide