Deny port 1106 but looks like its still going out

I've blocked port 1106 with

access-list 103 deny tcp any any eq 1106
access-list 103 deny udp any any eq 1106
for outbound

and

access-list 102 deny tcp any any eq 1106
access-list 102 deny udp any any eq 1106
for inbound

but in my syslog from the PIX 515 it shows
2006-09-07 21:09:50      Local4.Info      192.168.10.1      Sep 07 2006 16:43:54: %PIX-6-302015: Built outbound UDP connection 490 for outside:192.35.51.30/53 (192.35.51.30/53) to inside:192.168.10.4/1106 (1.14.8.9/1030)
2006-09-07 21:09:50      Local4.Info      192.168.10.1      Sep 07 2006 16:43:54: %PIX-6-302016: Teardown UDP connection 490 for outside:192.35.51.30/53 to inside:192.168.10.4/1106 duration 0:00:01 bytes 175
2006-09-07 21:09:51      Local4.Info      192.168.10.1      Sep 07 2006 16:43:55: %PIX-6-302016: Teardown UDP connection 387 for outside:12.127.17.72/53 to inside:192.168.10.4/1106 duration 0:00:27 bytes 98

Shouldn't it be showing denied???

Help please.

Thanks.
LVL 1
SaratogaTechAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rsivanandanCommented:
The access-list above basically will 'Deny' connection to port 1106 if tried to open outside or inside.

But basically this is a different case you have in the logs there.

1. From inside network, if you were to try to connect to any service on port 1106, then the acl will block it. In this case, it is trying to connect to 53 and not 1106. The 1106 information is on the source side.

>> 192.168.10.4/1106 =>Source side. BUT for pix after translation it is 1.14.8.9/1030

2. From outside network, if somebody tries to connect to any service 1106, it will be dropped.

You can try to set it up by running a simple webserver internally on port 1106 and create necessary statics and then try to connect to it as http://webserverpublicip:1106

That connection will be killed.

Cheers,
Rajesh

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.