How to block port 445 on the PIX 515? 1

[TGaylor]

The PIX 515 is a state-based firewall appliance, therefore in-coming traffic over port 445 would be blocked by default unless a “conduit” was created to open it; correct?
I need to make certain traffic over port 445 is blocked.

Thanks in advance for the help,


Tom

 

[lgarner]

Yes. I'd suggest blocking it outbound as well, to help ensure that you don't inadvertantly become part of the problem.

 

[TGaylor]

May I ask how one would block outbound traffic on port 445?

Thanks,


Tom

 

[lgarner]

With an inbound access-list on the inside interface. Something like:

access-list inside_acl deny tcp any any eq 445
access-list inside_acl permit ip any any
access-group inside_acl in interface inside

Recent versions of FOS allow both access lists and conduits; ACLs are recommended and override conduits if both are present. Also, there's a Pix-specific forum here where there would be a lot of help.

 

[TGaylor]

Access-list it is; thanks very much for your help!

Tom