- Posts: 9
- Thank you received: 0
Question on ACL
17 years 8 months ago #21261
by alpine
Question on ACL was created by alpine
I receive the following error in sysmon when attempting to get out to the internet
4 Apr 20 2007 06:42:08 106023 66.179.152.103 65.121.165.34 Deny tcp src outside:66.179.152.103/80 dst inside:X.X.X.X/1042 by access-group "outside_access_in" [0x0, 0x0]
Better yet can someone provide an example of how the outside interface ACL should be to allow internet traffic
4 Apr 20 2007 06:42:08 106023 66.179.152.103 65.121.165.34 Deny tcp src outside:66.179.152.103/80 dst inside:X.X.X.X/1042 by access-group "outside_access_in" [0x0, 0x0]
Better yet can someone provide an example of how the outside interface ACL should be to allow internet traffic
17 years 8 months ago #21269
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: Question on ACL
Can you "show run" to let us better understand your case.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
17 years 8 months ago #21277
by Elohim
Replied by Elohim on topic Re: Question on ACL
Your firewall is dropping the return traffic. However, since TCp is a stateful protocol, I would guess that your firewall is not a stateful firewall because it should have allowed all traffic in bound that is binded to a session that you initiated. It could also be your firewall is not properly configured. Anyways, post up your ACL. We promise we won't hack you.
I receive the following error in sysmon when attempting to get out to the internet
4 Apr 20 2007 06:42:08 106023 66.179.152.103 65.121.165.34 Deny tcp src outside:66.179.152.103/80 dst inside:X.X.X.X/1042 by access-group "outside_access_in" [0x0, 0x0]
Better yet can someone provide an example of how the outside interface ACL should be to allow internet traffic
Time to create page: 0.137 seconds