05-07-2019 06:53 AM
Hi Guys,
Can someone please verify whether these commands are correct for opening these two ports. The ASA is running version 9.7.
object network app
host 10.1.1.106
object network app
nat (inside,outside) static 2.2.23.15
access-list acl-outside extended permit tcp any host 10.1.1.106 eq 443
access-list acl-outside extended permit tcp any host 10.1.1.106 eq 9669
Thanks,
Solved! Go to Solution.
05-07-2019 07:50 AM
Yes, assuming 2.2.23.15 is routed by the outside interface it should work. Are you seeing a different result?
cheers,
Seb.
05-07-2019 07:00 AM
Hi there,
Looks good. You just need to apply the ACL:
! access-group acl-outside in interface outside !
cheers,
Seb.
05-07-2019 07:04 AM
Hi Seb,
The access-group already exists because there are ports already open. Does that mean my commands are complete?
Thanks,
Lake
05-07-2019 07:50 AM
Yes, assuming 2.2.23.15 is routed by the outside interface it should work. Are you seeing a different result?
cheers,
Seb.
05-07-2019 07:52 AM
Thank you very much.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide