https://community.cisco.com/t5/network-security/blocking-inbound-traffic-on-fwsm/m-p/901494#M973150 <HTML><HEAD></HEAD><BODY><P>You should put the access list on the interface of fwsm which is connected to the server in the inbound direction. This will block all conection attempts to the server from the outside. However the server will still be listening to port 80 if web server or HTTP server is running on it. Disable HTTP server or block port 80 manually on the server to disable server from listening to port 80.</P></BODY></HTML> Tue, 30 Oct 2007 21:25:15 GMT amritpatek 2007-10-30T21:25:15Z https://community.cisco.com/t5/network-security/blocking-inbound-traffic-on-fwsm/m-p/901493#M973149 <P>We have a server which should not listen on port 80 on FWSM. Tried blocking traffic using access-list WEBSERVERS_access_out extended deny tcp host 10.80.201.95 eq www any but didnt work. Need a solution with out using explicit deny statements towards this server/port on other interfaces.</P> Mon, 11 Mar 2019 11:30:14 GMT https://community.cisco.com/t5/network-security/blocking-inbound-traffic-on-fwsm/m-p/901493#M973149 aksher 2019-03-11T11:30:14Z https://community.cisco.com/t5/network-security/blocking-inbound-traffic-on-fwsm/m-p/901494#M973150 <HTML><HEAD></HEAD><BODY><P>You should put the access list on the interface of fwsm which is connected to the server in the inbound direction. This will block all conection attempts to the server from the outside. However the server will still be listening to port 80 if web server or HTTP server is running on it. Disable HTTP server or block port 80 manually on the server to disable server from listening to port 80.</P></BODY></HTML> Tue, 30 Oct 2007 21:25:15 GMT https://community.cisco.com/t5/network-security/blocking-inbound-traffic-on-fwsm/m-p/901494#M973150 amritpatek 2007-10-30T21:25:15Z