We help IT Professionals succeed at work.

Blocking hosts using a PIX501

Bill Warren
Bill Warren asked
on
Medium Priority
258 Views
Last Modified: 2010-04-09
what command (if any) could I use to block ad hosts such as doubleclick.net and atdmt.com in my PIX 501. I have a whole list of hosts to block already.. I just wanted to get the correct command to do so.
Comment
Watch Question

Sr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008
Commented:
You cannot block hosts by dns domain name, only by IP address. you would have to use nslookup to resolve doubleclick.net and atdmt.com to IP addresses, then create a blocking acl in the pix:

Name:    doubleclick.net
Address:  216.73.92.112

Name:    www.atdmt.com
Address:  12.130.62.126

access-list deny_outbound deny ip any host 216.73.92.112
access-list deny_outbound deny ip any host 12.130.62.126
access-list deny_outbound permit ip any any
access-group deny_outbound in interface inside

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.