Troubleshooting a firewall rule

stevenmedeiros
Level 1

I have an FWSM 4.0(7).

I'm creating firewall policies within Cisco Security Manager.

I created a simple policy that allows a couple of hosts (10.127.154.8 & 9) to communicate with some other hosts that live on a different VLAN (10.127.76.31 & 32), and made a reciprocal policy for the other direction. The point of these policies is to allow port tcp/50636 in both directions.

I put this rule at the top of the ruleset to make sure there are no other rules above it that would negate it.

Yes, I also saved it and "Submitted and deployed" this to the appropriate FWSM.

However, in the syslog, I see that port tcp/50636 is still being denied. See the attached screenshot.

I have also confirmed that this policy is in the config of the FWSM itself.

I have confirmed that there is nothing on the host (antivirus, Windows firewall) blocking this port.

I have seen this type of scenario a couple of times before in the past, where I create a policy, it doesn't work right away, then it mysteriously works one day.

I'm wondering if there is a bug in this software version for this type of activity? Any comments on what I could try to get the policy working?

Thanks!

1 Reply

Jennifer Halim
Cisco Employee

You might want to check if you have hit the hard limit on the ACL configured on the FWSM.

Is this multiple context or single context mode?
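The checks the thread turns on (is the permit ACE really the first match for the tcp/50636 flow, has it ever been hit, and how many ACEs does the list hold) as an added example that is not part of the original post or the reply and is not a Cisco tool: a small Python evaluator for FWSM/ASA-style `show access-list` output. The ACL name `inside_in`, the hit counts and the trailing hex IDs in the sample output are constructed for the example; the `limit` argument is an assumed number, not a real FWSM figure, and stands in for whatever ACE ceiling the platform or its ACL partition reports.

```python
"""Evaluate a flow against FWSM/ASA-style `show access-list` output.

Added example for this thread, not code from the original post or from Cisco.
SAMPLE_SHOW_ACCESS_LIST is constructed output in the line format FWSM/ASA
print for `show access-list`; the ACL name, hit counts and hex IDs are made up.
Only the plain host/any/network forms with an optional destination `eq` port
are parsed; object-group and source-port ACEs are skipped.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

ACE_RE = re.compile(
    r"^access-list (?P<acl>\S+) line (?P<line>\d+) extended "
    r"(?P<action>permit|deny) (?P<proto>\S+) "
    r"(?P<src>host \S+|any|\S+ \S+) "
    r"(?P<dst>host \S+|any|\S+ \S+)"
    r"(?: eq (?P<port>\d+))?"
    r".*?\(hitcnt=(?P<hits>\d+)\)"
)

# Constructed sample: two narrow permits at the top (as in the post), a
# broad https permit, and the usual explicit deny-all at the bottom.
SAMPLE_SHOW_ACCESS_LIST = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
access-list inside_in; 4 elements
access-list inside_in line 1 extended permit tcp host 10.127.154.8 host 10.127.76.31 eq 50636 (hitcnt=0) 0x1a2b3c4d
access-list inside_in line 2 extended permit tcp host 10.127.154.9 host 10.127.76.32 eq 50636 (hitcnt=0) 0x2b3c4d5e
access-list inside_in line 3 extended permit tcp 10.127.154.0 255.255.255.0 any eq 443 (hitcnt=120) 0x3c4d5e6f
access-list inside_in line 4 extended deny ip any any log (hitcnt=8813) 0x4d5e6f70
"""


@dataclass
class Ace:
    acl: str
    line: int
    action: str
    proto: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int]
    hits: int


def _net(spec: str) -> ipaddress.IPv4Network:
    """Turn 'any', 'host A.B.C.D' or 'A.B.C.D M.M.M.M' into a network."""
    if spec == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if spec.startswith("host "):
        return ipaddress.ip_network(spec.split()[1] + "/32")
    addr, mask = spec.split()
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)


def parse_show_access_list(text: str) -> List[Ace]:
    """Parse the ACE lines, ignoring headers and unsupported forms."""
    aces = []
    for raw in text.splitlines():
        m = ACE_RE.match(raw.strip())
        if not m:
            continue
        aces.append(Ace(m["acl"], int(m["line"]), m["action"], m["proto"],
                        _net(m["src"]), _net(m["dst"]),
                        int(m["port"]) if m["port"] else None, int(m["hits"])))
    return sorted(aces, key=lambda a: (a.acl, a.line))  # first-match order


def first_match(aces: List[Ace], acl: str, proto: str,
                src: str, dst: str, dport: int) -> Optional[Ace]:
    """Return the first ACE in `acl` that matches the flow, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for ace in aces:
        if ace.acl != acl or ace.proto not in ("ip", proto):
            continue
        if s not in ace.src or d not in ace.dst:
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        return ace
    return None


def diagnose(aces: List[Ace], acl: str, proto: str,
             src: str, dst: str, dport: int) -> Tuple[str, Optional[Ace]]:
    """Classify the flow: permit, permit-never-hit, deny or implicit-deny."""
    ace = first_match(aces, acl, proto, src, dst, dport)
    if ace is None:
        return "implicit-deny", None
    if ace.action == "deny":
        return "deny", ace
    if ace.hits == 0:
        # The ACE would permit this flow but nothing has ever matched it:
        # the denied packets are not being evaluated against this ACL.
        return "permit-never-hit", ace
    return "permit", ace


def ace_headroom(aces: List[Ace], acl: str, limit: int) -> int:
    """ACEs left before `limit` (an assumed ceiling, not a real FWSM value)."""
    return limit - sum(1 for a in aces if a.acl == acl)


if __name__ == "__main__":
    aces = parse_show_access_list(SAMPLE_SHOW_ACCESS_LIST)
    print(f"{ace_headroom(aces, 'inside_in', 1000)} ACEs of headroom (assumed limit 1000)")
    for src in ("10.127.154.8", "10.127.154.9"):
        for dst in ("10.127.76.31", "10.127.76.32"):
            verdict, ace = diagnose(aces, "inside_in", "tcp", src, dst, 50636)
            where = f"line {ace.line} {ace.action} hitcnt={ace.hits}" if ace else "no ACE"
            print(f"tcp {src} -> {dst}:50636  {verdict:17s} {where}")
```

Two readings come out of the sample: 10.127.154.8 to 10.127.76.32 falls through to the deny on line 4 because the permits are written host-to-host rather than for both pairs, and the flows that do reach a permit report `permit-never-hit`. A permit ACE that sits first yet shows hitcnt=0 while syslog keeps logging denies for the same flow means those packets are not being evaluated against that ACL at all, typically because it is applied to a different interface or direction or, in multiple-context mode, to a different context, which is why the reply asks which mode the FWSM is in.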
