Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
241
Views
0
Helpful
1
Replies

Cisco ASA allowing blocked IP address through ACL

Kudetauk77
Level 1
Level 1

‎05-03-2018 06:01 AM - edited ‎03-05-2019 10:23 AM

Hi All 

 

I have a strange one . I have an outside interface allowing only a few IP addresses inbound to a natted server. There is an implicit deny at the end 

I have recently noticed attempts to log into this server from a random ( denined) IP . 

The logs show it building a connection successfully , this is how it is able to reach the login page . 

But the ACL is denying it . If I test with packet tracer on the firewall from the malicious IP to the server address it says it is blocked 

Can any one explain how this could happen . I am concerned the ASA5525 ( 9.6 2 ) may have a bug but I cannot see any 

Thanks 

 

Craig 

 

Labels:
0 Helpful
1 Reply 1

Georg Pauwen
VIP
VIP

‎05-03-2018 06:19 AM

Hello,

 

post the config of your ASA...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card