
outbound traffic

Status
Not open for further replies.
Jan 1, 2001
Hi,
I have a PIX 515 with 6 interfaces. I put the servers on one of them, and I made access-lists for them to let outside users access them.
Now I need to know: can I make access-lists for these servers to let them access only certain ports on the outside (outbound traffic)? E.g. how can I do this for SMTP and DNS servers?
 
Hi.

Yes. You can apply an access-list to the DMZ interface where the servers are connected. This will disable the default implicit outbound rule and will allow only traffic that is specified in the ACL. Remember that access-lists have an implicit "deny any any" at the end.
For DNS traffic - open both TCP and UDP port 53.

Bye
Yizhar Hurwitz
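
Added example, not part of the original thread: a small offline checker that parses a PIX-style outbound ACL and evaluates sample flows with first-match semantics and the implicit deny described in the reply above. The ACL name `dmz_out`, the interface name `dmz`, and all addresses are constructed assumptions; only destination-port `eq` matches are handled.

```python
import ipaddress

# Constructed sample ACL for the DMZ interface (names and addresses are assumptions).
ACL = """
access-list dmz_out permit tcp host 192.0.2.25 any eq smtp
access-list dmz_out permit udp host 192.0.2.53 any eq domain
access-list dmz_out permit tcp host 192.0.2.53 any eq domain
"""
# On the PIX it would be bound with: access-group dmz_out in interface dmz

PORTS = {"smtp": 25, "domain": 53, "www": 80}  # port keywords used in the sample


def _addr(tokens):
    """Consume 'any', 'host A' or 'A MASK' and return the matching network."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")


def parse(text):
    """Turn access-list lines into (action, proto, src, dst, dport) tuples."""
    rules = []
    for line in text.strip().splitlines():
        t = line.split()[2:]  # drop 'access-list <name>'
        action, proto = t.pop(0), t.pop(0)
        src, dst = _addr(t), _addr(t)
        port = None
        if t and t[0] == "eq":
            port = PORTS.get(t[1]) or int(t[1])
        rules.append((action, proto, src, dst, port))
    return rules


def evaluate(rules, proto, src, dst, dport):
    """Return the action of the first matching entry, else the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_proto, r_src, r_dst, r_port in rules:
        if (r_proto in (proto, "ip") and s in r_src and d in r_dst
                and r_port in (None, dport)):
            return action
    return "deny"  # implicit "deny any any" at the end of every ACL


if __name__ == "__main__":
    rules = parse(ACL)
    print(evaluate(rules, "tcp", "192.0.2.25", "198.51.100.10", 25))  # mail server, SMTP
    print(evaluate(rules, "tcp", "192.0.2.25", "198.51.100.10", 80))  # mail server, HTTP
```

Running candidate flows through a checker like this before applying the ACL shows which server traffic would fall through to the implicit deny.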
 