05-02-2024 12:25 AM
Dear Community,
I am running Cisco ASA 9.8. I have an app server sitting in the DM Zone that needs to be authenticated with Google Service (reCAPTCHA) only, but I am not allowing the internet service, not the application server.
I have tried to apply the below configuration. I do not see any hits on it. Kindly assist to guide.
object network GOOGLE_RECAPTACHA
fqdn winda.water.co.tz
object-group network GOOGLE_NETWORK
network-object 35.190.247.0 255.255.255.0
network-object 64.233.160.0 255.255.224.0
network-object 66.102.0.0 255.255.240.0
network-object 66.249.80.0 255.255.240.0
network-object 72.14.192.0 255.255.192.0
network-object 74.125.0.0 255.255.0.0
network-object 108.177.8.0 255.255.248.0
network-object 173.194.0.0 255.255.0.0
network-object 216.58.192.0 255.255.224.0
network-object 216.239.32.0 255.255.224.0
network-object object GOOGLE_RECAPTCHA
object-group network DMZ_SVR1
network-object host 172.16.10.70
access-list outside_access_in extended permit ip object-group GOOGLE_NETWORK object-group DMZ_SVR1
access-group outside_access_in in interface outside
05-02-2024 12:45 AM
First i would check from ASA am i able to resolve that domain ?
where is the rule used for this
object network GOOGLE_RECAPTACHA
05-02-2024 01:10 AM
05-02-2024 04:03 AM
i was not clear your ACL it says outside access in ?
but the source is from inside to outside right ?
am i missing something here ?
05-02-2024 06:44 AM
05-07-2024 03:37 AM
Hello Community,
I am still searching for the solution for my case.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide