open ports 8081 & 8082

eddie.sardinha · ‎07-24-2017

Hello All,

I need assistance opening ports 8081 & 8082 on my network to connect to a cloud application. I opened a ticket with Cisco TAC and they told me I can only do static NAT one to one. I need these ports opened to my entire network, how can I accomplish this? I did challenge them with dynamic NAT and I don't know the config so I wasn't able to get anywhere on the phone with them.

Can someone assist?

Thanks,

Julio E. Moisa · ‎07-24-2017

Hi

If you already have a dynamic NAT or PAT it should work, but I would like to know if you are using a firewall or ACL to block traffic?

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

eddie.sardinha · ‎07-24-2017

The ASA is connected directly to the internet circuit there should be nothing else blocking traffic.

Julio E. Moisa · ‎07-24-2017

Ok, so you should create an ACL to allow the permission to those ports, example:

object-group service NEW-PORTS tcp
port-object range 8081 8082

access-list INSIDE-ACL extended permit tcp <source networks with subnet mask> <destination with subnet mask> object-group NEW-PORTS

If you have an ACL with deny, the new ACL entry should moved up from the bottom.

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<