Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1355
Views
0
Helpful
6
Replies

How to open port for a single IP

Go to solution
Amardeep Kumar
Level 1
Level 1

‎08-19-2011 07:05 AM - edited ‎03-11-2019 02:14 PM

HI ,

I want to give sVN access to a remote client. So I need to give access only his IP. Please suggest what will be the access list..

Thanks

Amardeep

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
varrao
Level 10
Level 10

‎08-19-2011 07:08 AM

Hi Amardeep,

You should provide some ip addresses, that needs to be accessed(you can modify them), and also the interface from where the traffic would be hitting the firewall, but just for your reference:

access-list inside_access_in extended permit tcp host host eq

access-group inside_access_in in interface outside   (if the traffic is coming from outside interface)

Hope this helps.

Thanks,

Varun

Please rate the post if helpful

Thanks,
Varun Rao

View solution in original post

0 Helpful
6 Replies 6

Go to solution
varrao
Level 10
Level 10

‎08-19-2011 07:08 AM

Hi Amardeep,

You should provide some ip addresses, that needs to be accessed(you can modify them), and also the interface from where the traffic would be hitting the firewall, but just for your reference:

access-list inside_access_in extended permit tcp host host eq

access-group inside_access_in in interface outside   (if the traffic is coming from outside interface)

Hope this helps.

Thanks,

Varun

Please rate the post if helpful

Thanks,
Varun Rao
0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to varrao

‎08-19-2011 07:12 AM

Here's a command reference for you:

http://www.cisco.com/en/US/customer/docs/security/asa/asa82/command/reference/a1.html#wp1559450

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
Amardeep Kumar
Level 1
Level 1
In response to varrao

‎08-19-2011 09:15 AM

Hi Varun,

I tried it but not able to access port. but this is not working for me, But when I create it for any any. I am able to access it.

Thanks

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to Amardeep Kumar

‎08-19-2011 09:22 AM

Hi Amar,

As I told you kindly provide  me the output of the access-list that you created, what is the source ip from where the request would be coming and what is the destination that you are accessing. What port are you opening?

Can you provide an output of show tech from your ASA??

-Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
Amardeep Kumar
Level 1
Level 1
In response to varrao

‎08-19-2011 09:55 AM

HI

Here are the details

I want to give access of my svn server.

access-list 10  extended permit tcp host host eq 3690

access-group 10 in interface outside

Thanks

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to Amardeep Kumar

‎08-19-2011 10:02 AM

Hi Amar,

The access-list looks good, but is the server ip a public ip that you are using or are you using a private ip.

What is the ASA software version that you are using?? Do you have a static nat translation for it on the ASA??

You can check the software version with the command "show version" and the static by "show run static"

If you want to know, if your acl is working, do:

show access-list 10

This would give you the hitcount, if it is 0, it means it is not working.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top