Cisco PIX show access-list
Chicagotech# sh access-list
access-list cached ACL log flows: total 0, denied 0
(deny-flow-max 1024) alert-interval 300
access-list outside_access_in; 9
elements
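! The entries below are for ping: they permit inbound ICMP unreachable, time-exceeded and echo-reply (the replies to ping and traceroute)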
access-list outside_access_in line 1
permit icmp any any unreachable (hitcnt=294418)
access-list outside_access_in line 2 permit icmp any
any time-exceeded (hitcnt=51385)
access-list outside_access_in line 3
permit icmp any any echo-reply (hitcnt=11934)
! The entries below are for Microsoft Exchange OWA (object-group OWA_Ports expands to www, https, smtp and pop3)
access-list outside_access_in line 4 permit tcp any
host x.x.x.195 object-group OWA_Ports
access-list outside_access_in line 4 permit tcp any
host x.x.x.195 eq www (hitcnt=9535)
access-list outside_access_in line 4 permit tcp any
host x.x.x.195 eq https (hitcnt=674620)
access-list outside_access_in line 4 permit tcp any
host x.x.x.195 eq smtp (hitcnt=1929520)
access-list outside_access_in line 4 permit tcp any
host x.x.x.195 eq pop3 (hitcnt=2)
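! The entry below lets outside hosts reach pcAnywhere on x.x.x.202
! Note: the source is "any"; a remote-control service is better limited to known source addresses or reached over the VPN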
access-list outside_access_in line 5 permit tcp any
host x.x.x.202 eq pcanywhere-data (hitcnt=4)
! The entries below are for IPSec: they deny ISAKMP, AH, ESP and UDP 4500 to x.x.x.197; only the ISAKMP deny is logged
access-list outside_access_in line 6 deny udp any host
x.x.x.197 eq isakmp log 6 interval 300 (hitcnt=121)
access-list outside_access_in line 7 deny ah any host
x.x.x.197 (hitcnt=0)
access-list outside_access_in line 8 deny esp any host
x.x.x.197 (hitcnt=0)
access-list outside_access_in line 9 deny udp any host
x.x.x.197 eq 4500 (hitcnt=0)
access-list DMZ_access_in; 34
elements
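! The entries below are for Exchange OWA: they control what the OWA host in the DMZ may reach (DATA and DC via object-group DCs_ref_1, MAIL, and any)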
access-list DMZ_access_in line 1 permit tcp host OWA
object-group DCs_ref_1 object-group TCP_OWA_DCs
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA range 1024 65535 (hitcnt=4111)
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA eq domain (hitcnt=5268)
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA eq ldap (hitcnt=48935)
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA eq 135 (hitcnt=465)
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA eq 88 (hitcnt=1183)
access-list DMZ_access_in line 1 permit tcp host OWA
host DATA eq 3268 (hitcnt=0)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC range 1024 65535(hitcnt=4223)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC eq domain (hitcnt=6)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC eq ldap (hitcnt=106434)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC eq 135 (hitcnt=400)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC eq 88 (hitcnt=642)
access-list DMZ_access_in line 1 permit tcp host OWA
host DC eq 3268 (hitcnt=0)
access-list DMZ_access_in line 2 permit udp host OWA
object-group DCs_ref_1 object-group UDP_OWA_DCs
access-list DMZ_access_in line 2 permit udp host OWA
host DATA eq domain (hitcnt=794904)
access-list DMZ_access_in line 2 permit udp host OWA
host DATA eq 88 (hitcnt=323143)
access-list DMZ_access_in line 2 permit udp host OWA
host DC eq domain (hitcnt=165712)
access-list DMZ_access_in line 2 permit udp host OWA
host DC eq 88 (hitcnt=164080)
access-list DMZ_access_in line 2 permit udp host OWA
host DATA eq 389 (hitcnt=2714)
access-list DMZ_access_in line 2 permit udp host OWA
host DC eq 389 (hitcnt=5932)
access-list DMZ_access_in line 3 permit icmp host OWA
object-group DCs_ref_1
access-list DMZ_access_in line 3 permit icmp host OWA
host DATA (hitcnt=283933)
access-list DMZ_access_in line 3 permit icmp host OWA
host DC (hitcnt=315945)
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL object-group TCP_OWA_MAIL
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL eq www (hitcnt=7317)
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL eq 691 (hitcnt=12)
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL eq ftp (hitcnt=0)
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL eq https (hitcnt=0)
access-list DMZ_access_in line 4 permit tcp host OWA
host MAIL eq smtp (hitcnt=229932)
access-list DMZ_access_in line 5 permit tcp host OWA
any object-group TCP_OWA_INSIDE
access-list DMZ_access_in line 5 permit tcp host OWA
any eq www (hitcnt=152)
access-list DMZ_access_in line 5 permit tcp host OWA
any eq ftp (hitcnt=0)
access-list DMZ_access_in line 5 permit tcp host OWA
any eq pop3 (hitcnt=0)
access-list DMZ_access_in line 5 permit tcp host OWA
any eq https (hitcnt=34)
access-list DMZ_access_in line 5 permit tcp host OWA
any eq 123 (hitcnt=0)
access-list DMZ_access_in line 5 permit tcp host OWA
any eq smtp (hitcnt=85636)
access-list DMZ_access_in line 6 permit icmp host OWA
any echo-reply (hitcnt=312)
access-list DMZ_access_in line 7 permit icmp host OWA
any unreachable (hitcnt=0)
access-list DMZ_access_in line 8 permit icmp host OWA
any time-exceeded (hitcnt=0)
access-list VPN_splitTunnelAcl; 1
elements
access-list VPN_splitTunnelAcl line 1 permit ip
10.0.0.0 255.255.0.0 any (hitcnt=0)
access-list
inside_outbound_nat0_acl; 1 elements
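! The entry below is for VPN clients to access the Internet
! (the ACL name suggests it is the NAT-exemption list for traffic to 192.168.254.0 255.255.255.192; confirm against the nat 0 statement)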
access-list inside_outbound_nat0_acl line 1 permit ip
any 192.168.254.0 255.255.255.192 (hitcnt=27430)
access-list
outside_cryptomap_dyn_20; 1 elements
access-list outside_cryptomap_dyn_20 line 1 permit ip
any 192.168.254.0 255.255.255.192 (hitcnt=380832)