asked on

Please provide step by step commands to block website access to particular site on Cisco Pix 501

Could someone please provide step by step instructions on how to setup access list for Cisco PIX 501 that does not currently have any rules for blocking a website from surfing. Please provide me instructions after I have entered the "enable" mode.

Thanks!

damalano

Make a static dns entry on your internal dns server for the sites you want to block and then block that ip address in your pix with an outgonig access list.

damalano

you can also setup a bogus ip for the sites in your dns.
Only if they know the ip they can reach the sites.
so then you do not have to use the pix or buy websense ore somethinglike that.

ASKER CERTIFIED SOLUTION

microdome7

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

damalano

First.: there is a way of blocking sites in cisco. You have to buy it and even then if you are a newbie you will not be able to do it. (Websense)
Second : If you are a newbie it is not that easy to provide an access-list only ( step by step )

So the easiest way of doing this take an bogus ip address in your own network 11.11.111.11 and make a static entry in your dns server pointing to this bogus ip
example : www.youtube.com = 11.111.111.11
If an client inside wants to connect and uses this dns server he wil be pointed somewere bogus.

This is the easiest way !!!!!!!!!!!!!

also look at this:
https://www.experts-exchange.com/questions/23782422/Configure-website-filtering-on-Cisco-router.html