How to block a specific port in Cisco FMC 6.3

Hi

I am using a Cisco Firepower 2110 with a virtual FMC, version 6.3.

Could you guys please guide me on how I can block a specific port in our FMC firewall?

For example, I want to block port 8080 across my entire network, because there is a proxy virus that is using port 8080; that's why I want to block this port.

Additionally, if I block a specific port, how can I check it in my FMC logs?

Thanks in advance.

2 Replies

Michael ONeil
Level 1

In your Access Control Policy, add a rule at the top, set the action to Block, and set the source zone as inside and the destination zone as outside. In the rule, select the port tab and in the destination port section choose TCP/8080 as the destination port. On the logging tab, enable logging.

In Analysis > Connections > Events, select Edit to add a filter of events. In the General section, set the filter to include the specific rule name you just created, and save this filter as public so you or others can use it later. You will see the filter show up in the Global filters.

That is it. When you look at these specific events, make sure your Time parameters are big enough to see the events you want to see.

Thanks for your reply.

Could you please guide me further? I have already created a rule called URL Filter. Can I add the specific port which I want to block to this URL filtering rule, or do I need to create another rule for this?

Thank you in advance.
