cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
323
Views
0
Helpful
1
Replies

Limiting outbound access through a pix 515

brown.larry
Level 1
Level 1

Can someome please help:

I need to limit a group of IP addresses that access the Internet through a PIX 515. I only want them to have access to 20 or so web sites.

I only want IP-address(inside) to be able to access IP-address_1(outside),IP-address_2(outside), and IP-address_3(outside)...

Thanks,

Larry

1 Reply 1

oniant
Level 1
Level 1

you will have to put together an access-l on the inside interface of the firewall. It would be like this:

access-list 110 permit tcp ipaddressinside netmask host ipaddress_1 eq www

access-list 110 permit tcp ipaddressinside netmask host ipaddress_2 eq www

access-list 110 deny tcp ipaddressinside netmask host ipaddress_2 eq www

access-list 110 deny tcp ipaddressinside netmask host ipaddress_1 eq www

It would be a lot easier if the group of ip addresses are all within a subnet rather than just individual adresses.

Review Cisco Networking for a $25 gift card