I have ASA5510 set up. By using NAT, the inside hosts can access internet. If I want to just block certain hosts, for example (ip: 192.168.1.112) to access internet. How do I do it?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(9) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(3) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,626) -
Cisco Bugs
(55) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(149) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,163) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(45) -
Cisco Secure Firewall Management Center (FMC)
(236) -
Cisco Secure Firewall Threat Defense (FTD)
(286) -
Cisco Security Cloud Control
(16) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(19) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(46) -
Cloud
(1) -
Cloud Provisioning
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(264) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(37) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,580) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(324) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(93) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,594) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,791) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(12) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(21) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(9) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(4) -
Security Management
(645) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(5) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(28) -
VPN and AnyConnect
(1) -
Vulnerability Management
(46) -
WAN
(8) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Can you configure a network filter to allow a remote client to only access certain hosts in a subnet?We have a support company the we would like to limit access to only two servers in two different subnets, is that possible?
Hi guys.I want to know if anyone can tell me if it is possible to configurate a 2800 router with the feature Zone-Based Policy Firewall and using a NM-CIDS as IDS.The idea is put the 2800 between wireless zones and pass the traffic over the NM-CIDS.T...
Hello:I'm getting the following types of log messages on my asa 5505 7.2.65.32.5.74 PublicIP Deny udp src outside:65.32.5.74/53 dst inside:PublicIP/10521 by access-group "outside_access_in" [0x0, 0x0]Basically another DNS server is trying to get some...
In the RME collection status partially successfull config archive; some hosts are showing errors which read as follows:" CM0012: Unable to create new version $1 Action: check if disk space is available and directory has required permissions "The unit...
I have recently consolidated my infrastructure and moved a few websites from DataCenter1 to DataCenter2. DC1 was running a PIX 515 with 6.3.x IOS. DC2 was running an ASA 5510 with 7.0.4 IOS and has been for 18 months.The websites that were moved from...
We bought 2 IDSMs, and currently are in the stage of evaluating different Management & Monitoring software, like MARS,Enterasys, etc, and would appreciate your hands-on experience and comments. thanks.
One of my failover pair of ASA 5520s need to be replaced. It is the primary unit. Will the following commands suffice:interface GigabitEthernet0/3 description LAN/STATE Failover Interface speed 1000 duplex fullfailoverfailover lan unit primaryfailove...
I found that PCs behind the ASA 5510 are not able to ping any outside ip addresses including the firewall's outside NIC ip. However, users are able to browse any websites as usual. I am new to cisco's firewall. Could someone adviseme on how to troubl...
When configuring isakmp key "keyname" address x.x.x.x netmask y.y.y.y - what are the allowed characters for the shared key? I did a search and found several articles that said it could be alphanumeric. I have some existing connections that are using ...
Hi,We upgraded a pair of 515e's last night from 7.2.2 to 7.2.2.22.The upgrade was fine, however when we tested both L2L and Client based VPN connections we hit issues and were finally forced to roll back to 7.2.2 due to time constraints.Our problem w...
Hi All,Here is my dilemma,I have 2x ASA 5520 v802 running multiple context and failover.I also have the AIP-SSM-20 module installed in each running v516E1.My problem is that I am unable to allocate an ips sensor to a context.I receive no output from ...
I am attempting to migrate from 515's to 5520's. Due to the ASA having fewer eth interfaces than the PIX, I am trying to bring two DMZ's (both on 2950 switches)in to a switch (also a 2950, which I'll call the "bridge") on separate VLAN's, then bring ...
I have some home managed to break my outgoing VPN connections. We connect to a clients site via Cisco VPN and I originaly got it to work by createing a Dynamic NAT statment NATTIng to .120-.124 of our public IP addresses. Somehow I have managed to br...
I am unable to access a windows 2003 server at a remote location. The server does communicate with an interface server on my side just fine. I can ping and trace route to the server with no issues. Everything seems to be ok EXCEPT when I try to RDP t...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 06-10-2026 08:08 PM | ||
| 05-26-2026 07:54 AM | ||
| 05-02-2026 06:09 AM | ||
| 04-30-2026 12:46 AM | ||
| 04-24-2026 07:04 AM |
New solutions
