cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1489
Views
0
Helpful
1
Replies

ASA block traffic when should be allowed.

JKOOP
Level 1
Level 1
I'm simply trying to access adsm and when doing show log I see that the traffic is getting block by an ACL. %ASA-3-710003: TCP access denied by ACL from 192.168.1.84/1092 to g0:192.168.1.180/443 %ASA-7-710005: TCP request discarded from 192.168.1.84/1092 to g0:192.168.1.180/443 So I then tried configuring an explicit rule to allow all( any any) to simply to access adsm. The issue still persists. The security-level is set to zero 0 on the interface, I've read that this should matter any more since an acl has been applied to the interface. The firewall rules. access-list OUTBOUND extended permit tcp host 192.168.1.84 host 192.168.1.180 access-list INBOUND extended permit tcp host 192.168.1.180 host 192.168.1.84 I've also tried applying these rules as well. access-list OUTBOUND extended permit tcp any4 any4 access-list INBOUND extended permit tcp any4 any4 access-group OUTBOUND out int g0 access-group INBOUND in int g0
1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

Access to ASDM is controlled not by an ACL but by the "http" command.

Try:

http 0.0.0.0 0.0.0.0 inside

(or whatever interface you are trying to access from).

You can substitute a more specific subnet or even host address for the 0.0.0.0/0 example.

View solution in original post

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

Access to ASDM is controlled not by an ACL but by the "http" command.

Try:

http 0.0.0.0 0.0.0.0 inside

(or whatever interface you are trying to access from).

You can substitute a more specific subnet or even host address for the 0.0.0.0/0 example.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: