Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 515, how i can prevent outbound connections?

Status
Not open for further replies.
DSOFT

DSOFT

Technical User
Nov 18, 2001
52
US
Hi:

I have a PIX 515 and i think that the PIX have open all ports for outbound connections, (i have ALIAS and STATIC and some CONDUITS commands)how i can DENY outbound connections for some TCP or UDP ports? Ie: ICQ, MSN?

Thanks
 
Sort by date Sort by votes
Access-lists are your best option here. There used to be outbound commands that restricted outbound access for certain protocols but now it is done with access-lists.
Ex:access-list acl-inside deny tcp any any eq icmp
access-list acl-inside deny tcp any any eq 110
access-list acl-inside permit ip any any
Then to apply it is a little tricky:

access-group acl-inside in interface inside

Because the PIX lets everything out by default you have to apply the ACL to the inside interface coming back in.

Hope this helped!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
285
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
256
XLNTech1
XLNTech1
RodneyMcSnow
  • Locked
  • Question
TZ400 -how to prevent dns attacks
Replies
2
Views
90
RodneyMcSnow
RodneyMcSnow
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
304
Johnkite
Johnkite
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
61
xwray
xwray

Part and Inventory Search

Sponsor

Back
Top