ptuttle1319
asked on
Block range of ports cisco pix 515e
I need to block a range of ports, for all inside ip addresses. the port range is 6881-6999, I tried the lines below, but it cut off all traffic to the internet. The hardware is a cisco pix 515e 6.3(4). All of the traffic will be coming from the inside interface, destined for the internet. Can anyone tell the CLI syntax to do this?
access-list acl_inside deny tcp any any range 6881 6999
access-group acl_inside in interface inside
access-list acl_inside deny tcp any any range 6881 6999
access-group acl_inside in interface inside
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
access-list acl_inside permit tcp any any eq http
access-list acl_inside permit tcp any any eq https