cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
879
Views
5
Helpful
2
Replies

Port 80 query

aok
Level 1
Level 1

Hello

 

I blocked port 80 through our Cisco ASA to a particular IP but am still seeing connections being permitted in the logs. The only configuration for the IP is a NAT statement mapping it to an internal IP. Any ideas why?

 

Thanks

A

1 Accepted Solution

Accepted Solutions

Sorry, figured it out! I have multiple public IP addresses NATted to the same private IP, and there was a rule allowing HTTP to one of the public IP objects, which effectively allowed HTTP to anything destined for the private IP. Once I removed that rule HTTP is blocked.

View solution in original post

2 Replies 2

Dennis Mink
VIP Alumni
VIP Alumni

Can you send config and an extract of the log where you are seeing that port 80 is still being allowed?

 

(try the packet tracer tools in ASDM to see if the packet is allowed/denied or not)

Please remember to rate useful posts, by clicking on the stars below.

Sorry, figured it out! I have multiple public IP addresses NATted to the same private IP, and there was a rule allowing HTTP to one of the public IP objects, which effectively allowed HTTP to anything destined for the private IP. Once I removed that rule HTTP is blocked.

Review Cisco Networking for a $25 gift card