
Testing of ASA5505 if firewall denies access from outside

edongskiu
Level 1

Hi,

I was able to set up our ASA5505. Internet modem connected to firewall (outside) and used one port for the modem and another port (outside) for the web server LAN card. The Internet is passing OK from Internet to our web server (second NIC of server is connected to our LAN). How do I test if the firewall actually blocks coming in?

The outside security is set at 0.

thanks!

1 Reply

Collin Clark
VIP Alumni

Enable debug on logging and test it with a port scan. You should see some denies.

Here's an example:

show log | i Deny

%ASA-4-106023: Deny udp src dmz:[destination IP]/53 dst outside:[source IP]/53 by access-group "dmz_inside_access"

Hope that helps
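Added example, not part of the original reply: a Python sketch that parses %ASA-4-106023 deny lines saved from `show log` after a test scan and lists which probed ports have no deny record, so they can be reviewed against the ACL. The sample log, the addresses (documentation ranges), the ACL name `outside_access_in` and all function names are constructed for illustration.

```python
import re
from collections import Counter

# tcp/udp/icmp forms of syslog 106023 (packet denied by an access-group ACL).
DENY_106023 = re.compile(
    r'%ASA-4-106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>[^/\s]+)(?:/(?P<src_port>\d+))?.*? '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[^/\s]+)(?:/(?P<dst_port>\d+))?.*? '
    r'by access-group "(?P<acl>[^"]+)"'
)

# Constructed sample output; not captured from a real device.
SAMPLE_LOG = """\
%ASA-4-106023: Deny tcp src outside:203.0.113.7/40000 dst inside:192.0.2.10/22 by access-group "outside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny tcp src outside:203.0.113.7/40001 dst inside:192.0.2.10/3389 by access-group "outside_access_in" [0x0, 0x0]
%ASA-6-302013: Built inbound TCP connection 101 for outside:203.0.113.7/40002 (203.0.113.7/40002) to inside:192.0.2.10/80 (192.0.2.10/80)
%ASA-4-106023: Deny udp src outside:203.0.113.7/40003 dst inside:192.0.2.10/161 by access-group "outside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny icmp src outside:203.0.113.7 dst inside:192.0.2.10 (type 8, code 0) by access-group "outside_access_in" [0x0, 0x0]
"""

def parse_denies(text):
    """Return one dict per 106023 line; all other messages are skipped."""
    out = []
    for line in text.splitlines():
        m = DENY_106023.search(line)
        if m:
            d = m.groupdict()
            for k in ("src_port", "dst_port"):
                d[k] = int(d[k]) if d[k] is not None else None  # icmp has no port
            out.append(d)
    return out

def denied_ports(denies, tester_ip, in_if="outside"):
    """Count (proto, dst_port) denies for traffic from tester_ip arriving on in_if."""
    return Counter((d["proto"], d["dst_port"]) for d in denies
                   if d["src_ip"] == tester_ip and d["src_if"] == in_if)

def unconfirmed(denies, tester_ip, probed):
    """Probed (proto, port) pairs with no matching deny record: review these."""
    seen = denied_ports(denies, tester_ip)
    return sorted(p for p in probed if p not in seen)

if __name__ == "__main__":
    denies = parse_denies(SAMPLE_LOG)
    probed = [("tcp", 22), ("tcp", 80), ("tcp", 3389), ("udp", 161)]
    print(denied_ports(denies, "203.0.113.7"))
    print("no deny logged for:", unconfirmed(denies, "203.0.113.7", probed))
```

A port with no deny record is either permitted by the ACL (here the constructed sample allows TCP/80 to the web server) or was dropped without being logged at the current logging level, so check it against the configuration.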
