Petri IT Knowledgebase Forums
 

Petri.co.il forums Home Forums Start Page Forums Frequently Asked Questions FAQ Member List Members List
Go Back   Petri IT Knowledgebase Forums > Networking > Cisco Security – PIX/ASA/VPN
Reload this Page

Add allow rule via ASDM on ASA 5510

Petri.co.il is happy to award auglan the title of Most Valuable Member !!!
Register Calendar Calendar Search Petri IT Knowledgebase Forums Search Todays Posts Today's Posts Mark Forums Read

Notices

Add allow rule via ASDM on ASA 5510

Add allow rule via ASDM on ASA 5510

this thread has 15 replies and has been viewed 8363 times

Closed Thread
Page 1 of 2 1 2
 
Thread Tools Search this Thread Display Modes
  #1  
Old 16th April 2009, 21:32
greenmind greenmind is offline
Casual
Casual
  
 Join Date: Apr 2009
  6 month star 12 month star
 Posts: 8
 Reputation: greenmind is on a distinguished road (10)
Default Add allow rule via ASDM on ASA 5510
Hi,
I am new to this forum. I was recently started a new job and they have an ASA 5510. I have never used this device before. We are upgrading our spam filter software and it will require us to create a an allow rule to allow outbound traffic to *.mail-filters.com on port 25080. How would I go about doing this?

I have found information on allowing certain IP addresses but cannot find out how to do this by port number. I do not want to wreck the infrastructure here considering I am the new guy.

P.S. The person who set this entire network up no longer works here and left no documentation.

I appreciate any help you can give me.

Thank you.
  #2  
Old 16th April 2009, 23:23
AndyJG247's Avatar
AndyJG247 AndyJG247 is offline
Senior Member
Wrote the book
  
 Join Date: Mar 2008
  6 month star 12 month star
 Location: London
 Posts: 3,842
 Reputation: AndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the rough (349)
Default Re: Add allow rule via ASDM on ASA 5510
Hmm, never used the ASDM but may be able to do this from command line if you fancy a shot?
__________________
cheers
Andy

Please read this before you post:
http://support.microsoft.com/kb/555375
Quis custodiet ipsos custodes?
  #3  
Old 16th April 2009, 23:26
greenmind greenmind is offline
Casual
Casual
  
 Join Date: Apr 2009
  6 month star 12 month star
 Posts: 8
 Reputation: greenmind is on a distinguished road (10)
Default Re: Add allow rule via ASDM on ASA 5510
Sure I can give it a shot from the command line.
  #4  
Old 16th April 2009, 23:31
AndyJG247's Avatar
AndyJG247 AndyJG247 is offline
Senior Member
Wrote the book
  
 Join Date: Mar 2008
  6 month star 12 month star
 Location: London
 Posts: 3,842
 Reputation: AndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the rough (349)
Default Re: Add allow rule via ASDM on ASA 5510
Can you try telnetting to the box first to see if we have access?
If that doesn't work download PuTTY (LINK)
and try connecting to 22 (SSH).
You should be prompted for a login.
__________________
cheers
Andy

Please read this before you post:
http://support.microsoft.com/kb/555375
Quis custodiet ipsos custodes?
  #5  
Old 16th April 2009, 23:33
greenmind greenmind is offline
Casual
Casual
  
 Join Date: Apr 2009
  6 month star 12 month star
 Posts: 8
 Reputation: greenmind is on a distinguished road (10)
Default Re: Add allow rule via ASDM on ASA 5510
I can telnet into it.
  #6  
Old 16th April 2009, 23:39
AndyJG247's Avatar
AndyJG247 AndyJG247 is offline
Senior Member
Wrote the book
  
 Join Date: Mar 2008
  6 month star 12 month star
 Location: London
 Posts: 3,842
 Reputation: AndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the rough (349)
Default Re: Add allow rule via ASDM on ASA 5510
Splendid, I'm concious I don't want to be too basic but you can use
Code:
 
enable
show run
to show the current config.

As this is Inside going Outside then we need to see what access-lists you have setup to stop traffic outbound.
Can you see anything starting access-list?
If you want you can post them here or PM me. If posting thenchange any external IP addresses just to make sure.
__________________
cheers
Andy

Please read this before you post:
http://support.microsoft.com/kb/555375
Quis custodiet ipsos custodes?
  #7  
Old 16th April 2009, 23:59
greenmind greenmind is offline
Casual
Casual
  
 Join Date: Apr 2009
  6 month star 12 month star
 Posts: 8
 Reputation: greenmind is on a distinguished road (10)
Default Re: Add allow rule via ASDM on ASA 5510
I will pm you Andy
Last edited by greenmind; 17th April 2009 at 15:28.. Reason: Just in case they were live addresses
  #8  
Old 17th April 2009, 00:13
AndyJG247's Avatar
AndyJG247 AndyJG247 is offline
Senior Member
Wrote the book
  
 Join Date: Mar 2008
  6 month star 12 month star
 Location: London
 Posts: 3,842
 Reputation: AndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the rough (349)
Default Re: Add allow rule via ASDM on ASA 5510
Sorry, there is a bit more too!
Press space or enter to get more onscreen.
__________________
cheers
Andy

Please read this before you post:
http://support.microsoft.com/kb/555375
Quis custodiet ipsos custodes?
  #9  
Old 17th April 2009, 15:23
greenmind greenmind is offline
Casual
Casual
  
 Join Date: Apr 2009
  6 month star 12 month star
 Posts: 8
 Reputation: greenmind is on a distinguished road (10)
Default Re: Add allow rule via ASDM on ASA 5510
I will pm you
  #10  
Old 17th April 2009, 18:32
AndyJG247's Avatar
AndyJG247 AndyJG247 is offline
Senior Member
Wrote the book
  
 Join Date: Mar 2008
  6 month star 12 month star
 Location: London
 Posts: 3,842
 Reputation: AndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the roughAndyJG247 is a jewel in the rough (349)
Default Re: Add allow rule via ASDM on ASA 5510
Hi,
I've had a look through the config and, assuming I didn't miss something whilst pasting them all together (), then there appears to be no access-lists bound to the internal interface. The PIX/ASA allow all traffic from high security to low security assuming there is a way to get there. I would imagine based on this that it should already be working. You could try telnet to see if you get a response?

I would suggest at some point that an ACL is setup to block at least port 25 traffic outbound though.
__________________
cheers
Andy

Please read this before you post:
http://support.microsoft.com/kb/555375
Quis custodiet ipsos custodes?
Closed Thread
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[HELP] ASDM error ASA 5505 steffen_sor Cisco Security – PIX/ASA/VPN 6 13th June 2009 12:20
Asa 5510 BBKING Cisco Security – PIX/ASA/VPN 6 16th April 2009 16:15
Cisco ASA - How to add rule without removing implicit rule? daff42 Cisco Security – PIX/ASA/VPN 4 2nd February 2009 11:01
Access 5510 via ASDM Launcher oscarp Cisco Routers & Switches How-to 5 19th September 2008 01:50
Cisco ASA 5510 hoe to add route to allow Sonicwall users to browse local LAN smiler Cisco Security – PIX/ASA/VPN 2 6th March 2008 09:43


All times are GMT +3. The time now is 20:06.

Contact Us - Petri.co.il forums - Archive - Top
Steel Blue 3.5.4 vBulletin Style ©2006 vBEnhanced
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
 

Valid XHTML 1.0!   Valid CSS!

Copyright 2005 Daniel Petri