topic Re: Access-list in PIX 506E in Network Security https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491970#M528245 <HTML><HEAD></HEAD><BODY><P>Hi JC,</P><P></P><P>Change the access-list to:</P><P></P><P>access-list inside_access_in deny ip host 192.168.1.247 any</P><P>access-list inside_access_in permit ip any any </P><P></P><P>You blocked all non-TCP with your initial config. This would have blocked DNS and nothing much would have worked.</P><P></P><P>Hope that helps - pls rate posts that help.</P><P></P><P>Regards,</P><P>Paresh</P><P></P></BODY></HTML> Thu, 26 Jan 2006 09:54:22 GMT pkhatri 2006-01-26T09:54:22Z Access-list in PIX 506E https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491969#M528243 <P>Dear All,</P><P></P><P>I would like to block a single IP in the LAN (inside network )to access to the Internet. The following is the configuration</P><P></P><P>access-list inside_access_in deny tcp host 192.168.1.247 any</P><P>access-list inside_access_in permit tcp any any</P><P>access-group inside_access_in in interface inside</P><P></P><P>But instead on one IP address the access-list has block the entire LAN to access the Internet</P><P></P><P>Kindly advise what is wrong with the configuration.</P><P></P><P>Thank you</P><P></P><P>JC</P> Fri, 21 Feb 2020 08:40:28 GMT https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491969#M528243 jclim 2020-02-21T08:40:28Z Re: Access-list in PIX 506E https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491970#M528245 <HTML><HEAD></HEAD><BODY><P>Hi JC,</P><P></P><P>Change the access-list to:</P><P></P><P>access-list inside_access_in deny ip host 192.168.1.247 any</P><P>access-list inside_access_in permit ip any any </P><P></P><P>You blocked all non-TCP with your initial config. This would have blocked DNS and nothing much would have worked.</P><P></P><P>Hope that helps - pls rate posts that help.</P><P></P><P>Regards,</P><P>Paresh</P><P></P></BODY></HTML> Thu, 26 Jan 2006 09:54:22 GMT https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491970#M528245 pkhatri 2006-01-26T09:54:22Z Re: Access-list in PIX 506E https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491971#M528249 <HTML><HEAD></HEAD><BODY><P>Hi Raresh,</P><P></P><P>It's working now</P><P></P><P>TQ</P><P></P><P>JC</P></BODY></HTML> Thu, 26 Jan 2006 10:21:32 GMT https://community.cisco.com/t5/network-security/access-list-in-pix-506e/m-p/491971#M528249 jclim 2006-01-26T10:21:32Z