ASA防火墙访问配置
添加外网访问端口
show run
找到如下信息:
access-list inside1-outside1 extended permit udp xxx.xxx.xx.0(内网地址) 255.255.255.0(内网掩码) host xxx.xxx.xxx.xxx(外网地址) range 16000 33000
access-list inside1-outside1 extended permit tcp xxx.xxx.xx.0(内网地址) 255.255.255.0(内网掩码) host xxx.xxx.xxx.xxx(外网地址) eq 9000
access-list inside1-outside1 extended permit tcp xxx.xxx.xx.0(内网地址) 255.255.248.0(内网掩码) host xxx.xxx.xxx.xxx(外网地址) eq https
access-list inside1-outside1 extended permit tcp xxx.xxx.xx.0(内网地址) 255.255.248.0(内网掩码) host xxx.xxx.xxx.xxx(外网地址) eq https
access-list inside1-outside1 extended permit tcp xxx.xxx.xx.0(内网地址) 255.255.248.0(内网掩码) host xxx.xxx.xxx.xxx(外网地址) eq https
根据找到的信息修改:
access-list inside1-outside1 extended permit tcp any(内网全部允许) host xxx.xxx.xxx.xxx(外网地址) range 8443 8445(端口范围)
输入命令conf t
复制修改好的命令,并回车
输入命令end
最后wr write写入配置