?
Solved

Block range of ports cisco pix 515e

Posted on 2006-11-20
2
Medium Priority
?
842 Views
Last Modified: 2013-11-16
I need to block a range of ports, for all inside ip addresses. the port range is 6881-6999, I tried the lines below, but it cut off all traffic to the internet. The hardware is a cisco pix 515e 6.3(4). All of the traffic will be coming from the inside interface, destined for the internet. Can anyone tell the CLI syntax to do this?


access-list acl_inside deny tcp any any range 6881 6999
access-group acl_inside in interface inside
0
Comment
Question by:ptuttle1319
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
RPPreacher earned 2000 total points
ID: 17981641

access-list acl_inside deny tcp any any range 6881 6999
access-list acl_inside permit ip any any eq http
access-list acl_inside permit ip any any eq https

access-group acl_inside in interface inside

Access-lists end with an implied deny all
0
 

Author Comment

by:ptuttle1319
ID: 17981725
I had to change it to the syntax below to get it to work, seems to be good to go now.

access-list acl_inside permit tcp any any eq http
access-list acl_inside permit tcp any any eq https
0

Featured Post

Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question