Configure PIX for deny a internal IP access Internet
Posted on 2009-12-16
I'm configuring a PIX firewall, I need to block all outgoing traffic on a machine the ip is 192.168.5.115. here is the brief configuration:
access-list 155 permit tcp host 192.168.4.249 any eq smtp
access-list 155 deny tcp any any eq smtp
access-list 155 deny ip host 192.168.5.115 any
access-list 155 permit ip any any
access-group 155 in interface inside
But that computer seems still be able to access internet, what's wrong with the configuration?
Thank you very much!