
Application Layer filtering

Status
Not open for further replies.

Bluecrack

MIS
Apr 9, 2001
I have TCP port 80 open for outbound connections so users at my company can browse the web. However, I have some users who are redirecting SSH (and other traffic) over port 80 to connect to, say, their home computers. Is there a way to configure the PIX to allow only HTTP traffic on port 80 and block anything that is not legitimate HTTP traffic?

FYI - I'm running PIX version 6.01.

Bluecrack
 
I believe you can do an access list that would say something like

access-list 101 permit whatever whatever http

The keyword here is http.

I'm not sure about this though.

David K.
 
No, http will just resolve to port 80. Are you running fixup on port 80? It should be on by default. Basically the PIX will not filter at the application level. What you could do is install a proxy, and only allow 80 out from that server.
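Added illustration (not written by any poster in this thread, and not a PIX feature): the kind of application-level check a proxy can make on port 80 that a port-based rule cannot, sketched in Python. The function names and sample payloads are constructed for this example.

```python
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP-version CRLF.
# CONNECT is deliberately left out of the allow-list because it asks a
# proxy to open a raw tunnel rather than fetch a web resource.
REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE) \S+ HTTP/1\.[01]\r\n"
)
# SSH identification string (RFC 4253, section 4.2), e.g. "SSH-2.0-...".
SSH_IDENT = re.compile(rb"^SSH-\d\.\d+-")


def classify_first_payload(data: bytes) -> str:
    """Label the first client-to-server bytes seen on a port-80 connection."""
    if SSH_IDENT.match(data):
        return "ssh"
    if REQUEST_LINE.match(data):
        return "http"
    return "unknown"


def allow_on_port_80(data: bytes) -> bool:
    """Policy: only a well-formed HTTP request line may pass."""
    return classify_first_payload(data) == "http"


# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "browser": b"GET /index.html HTTP/1.0\r\nHost: www.example.com\r\n\r\n",
    "ssh_client": b"SSH-2.0-OpenSSH_2.9\r\n",
    "binary": b"\x16\x03\x01\x00\x2e\x01\x00",
}


def audit(samples):
    """Return {name: (label, permitted)} for each sample payload."""
    return {
        name: (classify_first_payload(p), allow_on_port_80(p))
        for name, p in samples.items()
    }


if __name__ == "__main__":
    for name, (label, permitted) in audit(SAMPLES).items():
        print(f"{name:12} {label:8} {'permit' if permitted else 'deny'}")
```

A first-bytes check only catches traffic that does not look like HTTP at all; anything wrapped in valid HTTP requests has to be handled by the proxy's own policy and logging.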

 