<div>
Thanks for the solution... but moust important.. thanks for the explication.<br />
regards!<br />
<br />
puchito
</div>


Thanks for the solution... but moust important.. thanks for the explication.
regards!

puchito

<div>
<div class="content wysiwyg-content">
Hi everyone, i have a pix 515 with 4 port switch integrated. I need to limit the internet traffic from inside to outside.<br />
this is my config:<br />
<br />
gotten(config)# sh access-list<br />
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 1024)<br />
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; alert-interval 300<br />
access-list INSIDE-OG-OUTWAN; 4 elements<br />
access-list INSIDE-OG-OUTWAN line 1 deny ip any any (hitcnt=35)<br />
access-list INSIDE-OG-OUTWAN line 2 permit tcp object-group RED-OG any eq domain<br />
access-list INSIDE-OG-OUTWAN line 2 permit tcp 10.2.1.0 255.255.255.0 any eq domain (hitcnt=0)<br />
access-list INSIDE-OG-OUTWAN line 3 permit udp object-group RED-OG any eq domain<br />
access-list INSIDE-OG-OUTWAN line 3 permit udp 10.2.1.0 255.255.255.0 any eq domain (hitcnt=0)<br />
access-list INSIDE-OG-OUTWAN line 4 permit tcp object-group RED-OG any eq www<br />
access-list INSIDE-OG-OUTWAN line 4 permit tcp 10.2.1.0 255.255.255.0 any eq www (hitcnt=0)<br />
<br />
But obviously not let me access the Internet<br />
<br />
my internet is in eth0 with security 0 &quot;OUTSIDE&quot;<br />
INSIDE-OG-OUTWAN is security 90<br />
and de acl is aplicated in interface INSIDE-OG<br />
<br />
thanks!
</div>
</div>


Hi everyone, i have a pix 515 with 4 port switch integrated. I need to limit the internet traffic from inside to outside.
this is my config:

gotten(config)# sh access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 1024)
            alert-interval 300
access-list INSIDE-OG-OUTWAN; 4 elements
access-list INSIDE-OG-OUTWAN line 1 deny ip any any (hitcnt=35)
access-list INSIDE-OG-OUTWAN line 2 permit tcp object-group RED-OG any eq domain
access-list INSIDE-OG-OUTWAN line 2 permit tcp 10.2.1.0 255.255.255.0 any eq domain (hitcnt=0)
access-list INSIDE-OG-OUTWAN line 3 permit udp object-group RED-OG any eq domain
access-list INSIDE-OG-OUTWAN line 3 permit udp 10.2.1.0 255.255.255.0 any eq domain (hitcnt=0)
access-list INSIDE-OG-OUTWAN line 4 permit tcp object-group RED-OG any eq www
access-list INSIDE-OG-OUTWAN line 4 permit tcp 10.2.1.0 255.255.255.0 any eq www (hitcnt=0)

But obviously not let me access the Internet

my internet is in eth0 with security 0 "OUTSIDE"
INSIDE-OG-OUTWAN is security 90
and de acl is aplicated in interface INSIDE-OG

thanks!

BLOCK TRAFFIC FROM INSIDE TO OUTSIDE PIX 515

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).