09-05-2019 07:36 AM - edited 02-21-2020 09:27 AM
I am a novice when it comes to firewall management and still learning, so bear with me. I need to make sure the following ports are open on my ASA5508. I am logged into Cisco ASDM to manage the firewall. Can I see open ports in ASDM, or do I need to view open ports somewhere else? Thank you very much for any help.
Port | Direction | Protocol |
22 | In/Out | TCP |
25 | Out | TCP |
53 | Out | TCP/UDP |
80 | Out | TCP |
123 | In/Out | UDP |
8000 | In/Out | TCP |
8002 | In/Out | TCP |
23557 | In/Out | TCP |
09-05-2019 02:19 PM
Assuming you don't have any ACLs restricting outbound traffic to the Internet, you would really only be worried about traffic originating on the Internet that needs to access an internal resource or resources. You can use the following link for help: https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/118996-config-asa-00.html
09-06-2019 04:54 AM
I do not have any ACLs set up. So am I wanting to set up "Allow Inside Hosts Access to Outside Networks with NAT"?
Thank you.
09-06-2019 09:52 AM
That is only applicable if you have a pool of public addresses assigned to you and you don't have a ton of internal hosts. You can utilize PAT instead and that will allow you to NAT multiple internal hosts behind a single public IP. What is your setup? Can you share the ASA configuration?
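An added example, not from any poster in this thread: a small Python check that reads the access-list and access-group lines of an ASA running configuration and reports which ports from the question's table the ACLs do not allow. The sample configuration, the interface names `inside`/`outside`, and the ACL and object names are constructed assumptions; the script checks ACLs only, not the NAT rule an inbound connection also needs.

```python
import re

# Ports from the table in the question: (port, protocol, needs inbound access)
REQUIRED = [(22, "tcp", True), (25, "tcp", False), (53, "tcp", False),
            (53, "udp", False), (80, "tcp", False), (123, "udp", True),
            (8000, "tcp", True), (8002, "tcp", True), (23557, "tcp", True)]

# The ASA prints well-known ports by name in its running configuration.
NAMED = {"ssh": 22, "smtp": 25, "domain": 53, "www": 80, "ntp": 123}

# Constructed sample config (addresses, object and ACL names are made up).
SAMPLE_CONFIG = """\
object network INSIDE-NET
 subnet 192.168.1.0 255.255.255.0
 nat (inside,outside) dynamic interface
access-list OUTSIDE_IN extended permit tcp any host 192.168.1.10 eq ssh
access-list OUTSIDE_IN extended permit udp any host 192.168.1.10 eq ntp
access-list OUTSIDE_IN extended permit tcp any host 192.168.1.10 eq 8000
access-group OUTSIDE_IN in interface outside
"""

# Only single-port "eq" permits are parsed; ranges and object-groups are not.
ACE = re.compile(r"^access-list (\S+) extended permit (tcp|udp) .* eq (\S+)$")
BIND = re.compile(r"^access-group (\S+) in interface (\S+)$")

def blocked_ports(config, inside="inside", outside="outside"):
    """Return the required (port, proto) pairs the ACLs do not allow."""
    permits, bound = {}, {}
    for line in config.splitlines():
        if m := ACE.match(line):
            name, proto, port = m.groups()
            port = str(NAMED.get(port, port))
            if port.isdigit():
                permits.setdefault(name, set()).add((int(port), proto))
        elif m := BIND.match(line):
            bound[m.group(2)] = m.group(1)
    from_outside = permits.get(bound.get(outside), set())
    blocked = []
    for port, proto, inbound in REQUIRED:
        # Outside-to-inside traffic is denied unless an ACL permits it.
        if inbound and (port, proto) not in from_outside:
            blocked.append((port, proto))
        # Inside-to-outside is allowed by default; an ACL on inside filters it.
        elif inside in bound and (port, proto) not in permits.get(bound[inside], set()):
            blocked.append((port, proto))
    return blocked

if __name__ == "__main__":
    print(blocked_ports(SAMPLE_CONFIG))
```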