Need to block Cpanel ports in ASA 5550 please

madonamadona · ‎12-05-2016

Dear all,

Sorry, I posted the same in discussion and thought I will also post it here, sorry again

I need to stop clients from accessing Cpanel ports outside our network.

The issue we have is that our home page is hosted by an external company and they use Cpanel to do that.

At the moment, our homepage is down because our outside IP-Address, which is our ASA firewall-outside IP) has been blocked by their system and according to them, some or a lot of our clients (we are an exhibition centre) tried to attack their system from inside our network (I don't believe this but I need to do what they asked me to do).

Now, we have over 200 internal Vlans, which are all in use and we need to stop clients from attacking their system, so we have to block cpanel ports in our firewall (they asked for port 2082 and 2095 to be blocked, so clients within our network ca't access their system.

I would need help to do this, just to make sure I am not doing anything wrong in our ASAs (we have 2, primary and fail-over).

I tried to do it by using ASDM but couldn't get the option to specify the direction (it should be from inside to outside).

Our ASAs have 8.2 FW and I would really prefer to use ASDM to configure this task (not CLI)

Many thanks in advance.

Madona

Marvin Rhoads · ‎02-06-2018

On ASDM, configuration, firewall section add/modify an access-list to your inside interface.

The ACL should have entries to:

deny from inside any any to outside any tcp/2082

deny from inside any any to outside any tcp/2095

permit from inside any any to outside any any

Apply that it it should do what you're asking.

If you have multiple "inside" interfaces, do it for each one.