11-22-2019 12:20 AM
Attached is the current infra, but we're getting attacked on several ports. I tried to set an access list, but when I set the configuration there's no hitcount when I show run the access-list. Something is not right, even with the access-list OUT_IN extended deny icmp any any echo: I can still ping the server from outside. Please advise.
11-22-2019 12:31 AM
Can you post the ASA config so we can take a look? Is your ASA deployed in router-on-a-stick mode or in the path?
11-22-2019 12:48 AM
The ASA is connected to a Cisco switch together with the servers within the same VLAN. The ASA can ping 8.8.8.8 and the default gateway of our WAN. I'm trying to test some config now to allow the outside network to access the server via RDP.
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address x.x.x.15 255.255.255.240
access-list OUT_IN extended permit tcp host x.x.x.x any eq 3389
access-list OUT_IN extended permit tcp host x.x.x.x any eq 3389
access-list OUT_IN extended deny icmp any any echo
access-group OUT_IN in interface outside
show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list OUT_IN; 3 elements; name hash: 0x16c2190a
access-list OUT_IN line 1 extended permit tcp host x.x.x.x any eq 3389 (hitcnt=0) 0xe0bee6da
access-list OUT_IN line 2 extended permit tcp host x.x.x.x any eq 3389 (hitcnt=0) 0x65126997
access-list OUT_IN line 3 extended deny icmp any any (hitcnt=0) 0xa37ac2fa