Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
2
Replies

matching exact IPs on permit ip any any statement

mostafa.katary
Level 1
Level 1

‎02-18-2018 06:03 AM - edited ‎02-21-2020 07:22 AM

I have an old infrastructure managed by another entity transferred to me but the ASA firewalls have permit ip any any statements applied on all interfaces, I need to match the exact IPs hitting this ACL to allow and add more specific statements while performing survey to collect source/destination IPs.

 

Labels:
0 Helpful
2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

‎02-18-2018 06:05 PM

Hi

 

You can take a look on log buffers to see which traffic hit that rule or take a look on your syslog servers if any.

 

All traffic today is passing to that rule any to any and it will be difficult to determine if it's a normal traffic or not.

 

The best way is to do an assessment to know what is allowed from external to internal.

You can also look at the Nat statements and create acls accordingly because having any any is the not the only thing that will permit a traffic from outside to inside, you'll need Nat configuration.

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Ajay Saini
Level 7
Level 7

‎02-18-2018 08:23 PM

Hello,

 

I posted sometime back in a discussion, please see if that helps:

 

https://supportforums.cisco.com/t5/firewalling/why-use-permit-ip-any/m-p/3324063#M166052

 

questions are welcome.

 

-

HTH

AJ

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card