Need help what is the best config to block some ports on Cisco ASA 5512

johnbloods
Level 1

Attached is the current infra, but we're getting attacked on several ports. I tried to set an access list, but when I set the configuration there's no hit count when I show run the access-list. Something is not right; even with the access-list OUT_IN extended deny icmp any any echo, I can still ping the server from outside. Please advise.


balaji.bandi
Hall of Fame

Can you post the ASA config to look at? Is your ASA deployed in router-on-a-stick mode or in the path?

BB

The ASA is connected to a Cisco switch together with the servers, within the same VLAN. The ASA can ping 8.8.8.8 and the default gateway of our WAN. I'm trying to test some config now to allow the outside network to access the server via RDP.

!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address x.x.x.15 255.255.255.240
access-list OUT_IN extended permit tcp host x.x.x.x any eq 3389
access-list OUT_IN extended permit tcp host x.x.x.x any eq 3389
access-list OUT_IN extended deny icmp any any echo
access-group OUT_IN in interface outside
show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list OUT_IN; 3 elements; name hash: 0x16c2190a
access-list OUT_IN line 1 extended permit tcp host x.x.x.x any eq 3389 (hitcnt=0) 0xe0bee6da
access-list OUT_IN line 2 extended permit tcp host x.x.x.x any eq 3389 (hitcnt=0) 0x65126997
access-list OUT_IN line 3 extended deny icmp any any (hitcnt=0) 0xa37ac2fa
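An added example, not from the thread or from Cisco, that parses a running-config fragment and `show access-list` output in the shape quoted above and reports the usual reasons an ACE sits at hitcnt=0: the ACL is not bound to an interface with `access-group`, an ACE is an exact duplicate of an earlier one (first-match means it can never fire), or no matching traffic has arrived since the counters were cleared. The sample text and the 203.0.113.10 address are constructed placeholders.

```python
import re
from collections import Counter

# Constructed sample input: a running-config fragment and `show access-list`
# output in the same shape as the thread, with a placeholder host address.
RUNNING_CONFIG = """\
access-list OUT_IN extended permit tcp host 203.0.113.10 any eq 3389
access-list OUT_IN extended deny icmp any any echo
access-group OUT_IN in interface outside
"""
SHOW_ACCESS_LIST = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list OUT_IN; 3 elements; name hash: 0x16c2190a
access-list OUT_IN line 1 extended permit tcp host 203.0.113.10 any eq 3389 (hitcnt=0) 0xe0bee6da
access-list OUT_IN line 2 extended permit tcp host 203.0.113.10 any eq 3389 (hitcnt=0) 0x65126997
access-list OUT_IN line 3 extended deny icmp any any (hitcnt=0) 0xa37ac2fa
"""
# One ACE line of `show access-list`: ACL name, line number, rule text, hit counter.
ACE_RE = re.compile(r"^access-list (\S+) line (\d+) extended ((?:permit|deny) .+?) \(hitcnt=(\d+)\)")
GROUP_RE = re.compile(r"^access-group (\S+) (in|out) interface (\S+)")

def parse_aces(show_output):
    """Return [(acl, line, rule, hitcnt)] for every ACE in `show access-list` output."""
    aces = []
    for raw in show_output.splitlines():
        m = ACE_RE.match(raw.strip())
        if m:
            aces.append((m.group(1), int(m.group(2)), m.group(3), int(m.group(4))))
    return aces

def bound_acls(config):
    """Return {acl: (direction, interface)} from the access-group statements in the config."""
    matches = (GROUP_RE.match(line.strip()) for line in config.splitlines())
    return {m.group(1): (m.group(2), m.group(3)) for m in matches if m}

def audit(config, show_output):
    """List the usual reasons an ACE sits at hitcnt=0: unbound ACL, duplicate ACE, no traffic matched."""
    aces = parse_aces(show_output)
    bound = bound_acls(config)
    findings = []
    for acl in sorted({a[0] for a in aces}):
        if acl not in bound:
            findings.append(f"{acl}: no access-group binds it to an interface, so it can never match")
    for (acl, rule), n in Counter((a[0], a[2]) for a in aces).items():
        if n > 1:
            findings.append(f"{acl}: '{rule}' appears {n} times; first-match means later copies are shadowed")
    for acl, line, rule, hits in aces:
        if hits == 0:
            findings.append(f"{acl} line {line}: '{rule}' hitcnt=0, no matching traffic seen since counters were cleared")
    return findings
```

Run `audit()` on your own `show running-config access-list` / `show running-config access-group` and `show access-list` output; a deny rule that still sits at zero while pings succeed tells you the traffic is not reaching that interface in that direction at all.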