Blocking hosts using a PIX501

what command (if any) could I use to block ad hosts such as doubleclick.net and atdmt.com in my PIX 501. I have a whole list of hosts to block already.. I just wanted to get the correct command to do so.
Bill WarrenIT ManagerAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
You cannot block hosts by dns domain name, only by IP address. you would have to use nslookup to resolve doubleclick.net and atdmt.com to IP addresses, then create a blocking acl in the pix:

Name:    doubleclick.net
Address:  216.73.92.112

Name:    www.atdmt.com
Address:  12.130.62.126

access-list deny_outbound deny ip any host 216.73.92.112
access-list deny_outbound deny ip any host 12.130.62.126
access-list deny_outbound permit ip any any
access-group deny_outbound in interface inside
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.