[c-nsp] ASA

Joshua Riesenweber joshua.riesenweber at outlook.com
Wed Feb 11 07:29:52 EST 2015


This has a few good examples:http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/acl_extended.html
I might very well be wrong, but I believe the security levels are negated if an access list is applied to an interface.

Cheers,Josh 
> Date: Wed, 11 Feb 2015 20:43:37 +1100
> From: dale.shaw+cisco-nsp at gmail.com
> To: madunix at gmail.com
> CC: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] ASA
> 
> Hi madunix,
> 
> On Wed, Feb 11, 2015 at 7:26 PM, madunix at gmail.com <madunix at gmail.com>
> wrote:
> >
> > I would like to block the following ports: 135,137,138,139,445,593,4444
> >  tcp/udp on my Firewall
> [...]
> 
> Well, what you need to do, is figure out how to block those ports, perhaps
> by modifying the 'in' access-list you've applied to your outside interface.
> You might even need to Google That.
> 
> That's assuming it's that direction (outside > inside) that you want to
> block the traffic.
> 
> Cheers,
> Dale
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
 		 	   		  


More information about the cisco-nsp mailing list