Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
522
Views
0
Helpful
2
Replies

VPN Web Access with ACL Firewall

Go to solution
Anthony W.
Level 1
Level 1

‎08-22-2013 02:35 PM

All,

I have a basic EZ VPN and my outside interface has a standard ACL firewall.  I can VPN into the system just fine and have access to all internal items but I have no internet access.  The router log shows:

003253: Aug 22 15:22:26.456 MDT: %SEC-6-IPACCESSLOGP: list FW_OUT denied tcp 74.125.225.199(80) -> 67.X.X.X (59480), 1 packet

But have an IP NAT transaiton for this request:

tcp 67.X.X.X.X:59480 172.25.0.68:59480  74.125.225.199:80  74.125.225.199:80

The ip address is in the NAT range.  Am I missing an IP inspect command? I am inspecting TCP and UDP.   Any ideas?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jeff Van Houten
Level 5
Level 5

‎08-22-2013 07:24 PM

Which direction is the inspect statement on the interface defined? It should be defined as out.

Sent from Cisco Technical Support iPad App

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jeff Van Houten
Level 5
Level 5

‎08-22-2013 07:24 PM

Which direction is the inspect statement on the interface defined? It should be defined as out.

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Anthony W.
Level 1
Level 1
In response to Jeff Van Houten

‎08-23-2013 07:15 AM

The incorrect way.  Thanks for helping me out!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents