https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363704#M590622 <HTML><HEAD></HEAD><BODY><P>you must apply this to an interface like this:</P><P></P><P>access-list 120 deny tcp any 216.187.82.0 255.255.255.0</P><P></P><P>access-list 120 permit ip any any </P><P>access-group 120 in interface inside</P></BODY></HTML> Tue, 01 Mar 2005 18:56:08 GMT bklambdin 2005-03-01T18:56:08Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363701#M590611 <P>Hello,</P><P></P><P>Need someone to review the changes being made:</P><P></P><P>Need to block gotomypc.com on a PIX 515. Based on my research a host called poll.gotomypc.com (66.151.158.177) needs to blocked to prevent users.</P><P></P><P>Here is what I am planning to add to the config:</P><P></P><P>access-list 100 deny tcp 192.168.0.0 255.255.255.0 host 66.151.158.177 eq any</P><P>access-list 100 permit ip any any </P><P></P><P>Would this config work. The LAN is 192.168.x.x based.</P><P></P><P>Thanks,</P><P>Frank</P> Fri, 21 Feb 2020 07:59:03 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363701#M590611 FRahman 2020-02-21T07:59:03Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363702#M590615 <HTML><HEAD></HEAD><BODY><P>Hi frank,</P><P></P><P>Yeah this would work, if TCP is the control protocol. If you dont need any access to that site, you can just deny ip for that IP</P><P></P><P>access-list 100 deny ip 192.168.0.0 255.255.255.0 host 66.151.158.177</P><P>access-list 100 permit ip any any</P><P></P><P>this will deny both tcp and udp connections to that ip.</P><P></P><P>If you have a proxy server, you can use URL based filtering in that, if you need to block many more such websites.</P><P></P><P>hope this helps.</P><P></P><P>Raj</P></BODY></HTML> Tue, 01 Mar 2005 08:22:01 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363702#M590615 sachinraja 2005-03-01T08:22:01Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363703#M590619 <HTML><HEAD></HEAD><BODY><P>Yes this should work, if you want to have a more detailed overview how this service works, then check out this practial paper on the GIAC web site.</P><P></P><P><A class="jive-link-custom" href="http://www.giac.org/certified_professionals/practicals/gcia/0676.php" target="_blank">http://www.giac.org/certified_professionals/practicals/gcia/0676.php</A></P><P></P><P>sincerely</P><P>Patrick</P></BODY></HTML> Tue, 01 Mar 2005 14:45:10 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363703#M590619 Patrick Iseli 2005-03-01T14:45:10Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363704#M590622 <HTML><HEAD></HEAD><BODY><P>you must apply this to an interface like this:</P><P></P><P>access-list 120 deny tcp any 216.187.82.0 255.255.255.0</P><P></P><P>access-list 120 permit ip any any </P><P>access-group 120 in interface inside</P></BODY></HTML> Tue, 01 Mar 2005 18:56:08 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363704#M590622 bklambdin 2005-03-01T18:56:08Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363705#M590628 <HTML><HEAD></HEAD><BODY><P>Thanks everyone for the input, I will attempt Brian's suggestion and let you know how it goes.</P><P></P><P>Frank</P></BODY></HTML> Fri, 04 Mar 2005 01:33:35 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363705#M590628 FRahman 2005-03-04T01:33:35Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363706#M590638 <HTML><HEAD></HEAD><BODY><P>Hello again,</P><P></P><P>I attemped the following changes to PIX config but it did not block the traffic. I could still ping the host and the users could still gain access to gotomypc.com access.</P><P></P><P>here is the config changes that were typed into the PIX:</P><P></P><P>access-list 120 deny tcp any 66.151.158.177 55.255.255.255 </P><P></P><P>access-list 120 permit ip any any </P><P>access-group 120 in interface inside</P><P></P><P>Any further suggestions.</P></BODY></HTML> Thu, 10 Mar 2005 07:16:03 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363706#M590638 FRahman 2005-03-10T07:16:03Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363707#M590642 <HTML><HEAD></HEAD><BODY><P>If I do an nslookup on gotomypc.com, dns comes back with 66.151.158.183. Open up your command prompt and do an c:\nslookup gotomypc.com [return] and see what you get. So maybe they changed their IP address or are changing it often. So try that IP.</P><P></P><P>Also, to keep your users from going to a site, you could block from the inside interface, eg., deny any going to that IP, then you have to put a permit any any and put the group on the inside interface.</P><P>HTH</P></BODY></HTML> Thu, 10 Mar 2005 15:01:51 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363707#M590642 stalljh 2005-03-10T15:01:51Z https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363708#M590645 <HTML><HEAD></HEAD><BODY><P>Well, looking again....I see their are 2 urls, one is poll.gotomypc.com and the other is just gotomypc.com, which are two different IPs, .177 and 183 in the last octet. And I see you are blocking on the inside interface, so just add another line in acl 120 to block .183 and apply the group to the inside interface.</P><P>HTH</P></BODY></HTML> Thu, 10 Mar 2005 15:09:55 GMT https://community.cisco.com/t5/network-security/pix-515-need-to-blocking-gotomypc-com/m-p/363708#M590645 stalljh 2005-03-10T15:09:55Z