Jun 29, 2007 #1 DooLocsta [H]ard|Gawd Joined Jan 26, 2005 Messages 1,884

I need to know how to do TCP/IP port based filtering on a Cisco PIX 515e, software is 6.3. Any help would be appreciated.

Jun 29, 2007 #2 blazeking Weaksauce Joined Nov 16, 2004 Messages 126

Remember that anything you deny will explicitly allow everything else. A good rule is to deny everything, then permit specific IP/ports. Here's the basic syntax:

    pix(config)# access-list (acl_name) permit/deny tcp any host (ip address) eq (port)

So this is an example:

    pix(config)# access-list external_acl permit tcp any host 192.168.1.101 eq ftp

You'll have to set up the access-group to the interface:

    pix(config)# access-group (acl_name) in interface (interface_name)

example:

    access-group external_acl in interface external

Hope that helps!
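
Added example, not part of any post in this thread: a small offline checker for reviewing a draft access list before it is bound to an interface. It models how a PIX walks an ACL (entries are tested top-down, the first match decides, and a packet that matches nothing hits the implicit deny at the end of the list). Assumptions: only `tcp` entries with an optional `eq` port are handled, the port-name table is a subset, and every address and rule other than the thread's FTP rule is constructed for illustration.

```python
import ipaddress

# Subset of the port keywords PIX accepts in place of numbers.
PORT_NAMES = {"ftp": 21, "ssh": 22, "telnet": 23, "smtp": 25, "www": 80, "https": 443}

def parse_addr(tokens):
    """Consume one address spec: 'any', 'host A.B.C.D', or 'A.B.C.D MASK'."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def parse_acl(config, name):
    """Return the ordered TCP entries of one ACL as (action, src, dst, port)."""
    rules = []
    for line in config.splitlines():
        t = line.split()
        if t and t[0].startswith("pix("):    # drop a pasted CLI prompt
            t = t[1:]
        if len(t) < 5 or t[0] != "access-list" or t[1] != name or t[3] != "tcp":
            continue
        action, rest = t[2], t[4:]
        src, rest = parse_addr(rest)
        dst, rest = parse_addr(rest)
        port = None                          # None means any destination port
        if rest[:1] == ["eq"]:
            port = PORT_NAMES.get(rest[1]) or int(rest[1])
        rules.append((action, src, dst, port))
    return rules

def evaluate(rules, src_ip, dst_ip, dst_port):
    """First matching entry wins; no match falls through to the implicit deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, s, d, p in rules:
        if src in s and dst in d and p in (None, dst_port):
            return action
    return "deny"  # implicit deny that ends every PIX access list

# Constructed sample: the thread's FTP rule plus two made-up entries.
SAMPLE = """\
pix(config)# access-list external_acl permit tcp any host 192.168.1.101 eq ftp
access-list external_acl deny tcp 203.0.113.0 255.255.255.0 host 192.168.1.102 eq www
access-list external_acl permit tcp any host 192.168.1.102 eq www
"""

if __name__ == "__main__":
    acl = parse_acl(SAMPLE, "external_acl")
    print(evaluate(acl, "198.51.100.7", "192.168.1.101", 23))
```

Swapping the second and third sample lines makes the deny unreachable, which is the ordering mistake this kind of check is meant to catch.
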

Jun 29, 2007 #3 jvlazzar Weaksauce Joined Sep 26, 2006 Messages 107

access lists... cisco.com netcraftsmen

Jun 29, 2007 #4 DooLocsta [H]ard|Gawd Joined Jan 26, 2005 Messages 1,884

Thanks for the replies guys.