Block range of ports cisco pix 515e

I need to block a range of ports, for all inside ip addresses. the port range is 6881-6999, I tried the lines below, but it cut off all traffic to the internet. The hardware is a cisco pix 515e 6.3(4). All of the traffic will be coming from the inside interface, destined for the internet. Can anyone tell the CLI syntax to do this?


access-list acl_inside deny tcp any any range 6881 6999
access-group acl_inside in interface inside
ptuttle1319Asked:
Who is Participating?
 
RPPreacherConnect With a Mentor Commented:

access-list acl_inside deny tcp any any range 6881 6999
access-list acl_inside permit ip any any eq http
access-list acl_inside permit ip any any eq https

access-group acl_inside in interface inside

Access-lists end with an implied deny all
0
 
ptuttle1319Author Commented:
I had to change it to the syntax below to get it to work, seems to be good to go now.

access-list acl_inside permit tcp any any eq http
access-list acl_inside permit tcp any any eq https
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.