• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 611
  • Last Modified:

How do I block an outbound connection to an IP address? Cisco ASAA-5510

I have a Cisco ASA-5510 and I'm not comfortable with experimenting with command-line settings.  I use the ASDM.
My ISP is claiming someone in my network is maliciously attacking a a certain public IP.  I disagree but still want to block any inside traffic from reaching that outside IP address.
I don't think the ASDM will allow me to write an outbound rule on the outside interface.  I have the following line hoping to block anyone on the "inside" interface from getting out.:
access-list inside_access_in extended deny ip any 91.20.0.0 255.255.0.0
Is this a correct entry to block any IP traffic from the inside from reaching the 91.20.0.0 network in the real world?
If it is, then my ISP's claim that we're the source is incorrect.
0
davehansen22
Asked:
davehansen22
1 Solution
 
kf4zmtCommented:
Yes, that should do it.  Just don't forget to apply the ACL to your inside interface (unless it is already of course).  You can always do a "sh access-list inside_access_in" and see if that particular line has any hits.  If so, then it is blocking traffic to that address range.
0
 
davehansen22Author Commented:
Thanks very much.  -Dave
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now