Internet access still being blocked even with http, https, dns, etc.

CiscoPurpleBelt · ‎03-24-2019

So I am just doing some testing on home lab. I have a bunch of ports under a group called web-ports (see attached). Internal PC is still being blocked from accessing the net and only works if I change from Web_Ports to all IP service. Any idea what other ports I am missing?

Jaderson Pessoa · ‎03-24-2019

@CiscoPurpleBelt hello,

It is necessary more information about your topoly, devices and which rules are you applying on it, so after it we can suggest to you more options to solve your problem.

Please, if possible, input here others information about your problem, topoly or configuration.

Jaderson Pessoa
*** Rate All Helpful Responses ***

balaji.bandi · ‎03-24-2019

Adding to otherpost. use web_ports in rule and save and apply.

Open a real time monitor and check intiate the connection from PC and check what is dropping in the Logs (make necessary changes in the rules)

Or use packet tracer from ASA and intiate and paste here the output to understand.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

johnd2310 · ‎03-24-2019

Hi,

DNS/UDP port is not properly defined. The source port should be default(1-65535) and the destination port 53. 53 is the server port and clients do not normally run the dns server service. Try this change and see if it helps..

Thanks

John

**Please rate posts you find helpful**