cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

149
Views
0
Helpful
1
Replies
madonamadona
Beginner

Need to block Cpanel ports in ASA 5550 please

Dear all,

Sorry, I posted the same in discussion and thought I will also post it here, sorry again

I need to stop clients from accessing Cpanel ports outside our network.

The issue we have is that our home page is hosted by an external company and they use Cpanel to do that.

At the moment, our homepage is down because our outside IP-Address, which is our ASA firewall-outside IP) has been blocked by their system and according to them, some or a lot of our clients (we are an exhibition centre) tried to attack their system from inside our network (I don't believe this but I need to do what they asked me to do).

Now, we have over 200 internal Vlans, which are all in use and we need to stop clients from attacking their system, so we have to block cpanel ports in our firewall (they asked for port 2082 and 2095  to be blocked, so clients within our network ca't access their system.

I would need help to do this, just to make sure I am not doing anything wrong in our ASAs (we have 2, primary and fail-over).

I tried to do it by using ASDM but couldn't get the option to specify the direction (it should be from inside to outside).

Our ASAs have 8.2 FW and I would really prefer to use ASDM to configure this task (not CLI)

Many thanks in advance.

Madona

1 REPLY 1
Marvin Rhoads
VIP Community Legend

On ASDM, configuration, firewall section add/modify an access-list to your inside interface.

 

The ACL should have entries to:

 

deny from inside any any to outside any tcp/2082

deny from inside any any to outside any tcp/2095

permit from inside any any to outside any any

 

Apply that it it should do what you're asking.

 

If you have multiple "inside" interfaces, do it for each one.

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: pxGrid (35%)

Content for Community-Ad