Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
463
Views
0
Helpful
3
Replies

Methods to block port in pix

haseeb_eng
Level 1
Level 1

‎04-30-2003 10:48 PM - edited ‎02-20-2020 10:42 PM

I want to block some multimedia ports of some specific users on pix firewall . can you please tell me the methods and commands used in it . Your help will be highly appreciated in it .

0 Helpful
3 Replies 3

vikrantarora
Level 1
Level 1

‎05-01-2003 05:14 AM

You have to write an access list and then apply it to an interface. In the configuration shown below, replace 9999 with the multimedia port number you want to block.

The following access-list would block tcp port number 9999 for the

204.14.253.0 255.255.255.0 subnet. I am giving the name acl_in to the access list.

access-list acl_in deny tcp 204.14.253.0 255.255.255.0 any eq 9999

The kewyword 'any' means anywhere on the internet.

If you want to block only for specific hosts (let's say 204.142.253.55), you can write the access-list with the keyword 'host' as shown

access-list acl_in deny tcp host 204.14.253.55 any eq 9999

You can write multiple access-lists for multiple hosts.

In order to apply the access lists to the interface named inside, use:

access-group acl_in in interface inside

'in' is a keyword meaning inbound traffic.

hope that helps!

vik

0 Helpful

haseeb_eng
Level 1
Level 1
In response to vikrantarora

‎05-03-2003 01:13 AM

thanks for the information , and for multimedia applications do i need to modify changes in fixup protocol commands like fixup protocol h323 1720

0 Helpful

gfullage
Cisco Employee
Cisco Employee
In response to haseeb_eng

‎05-04-2003 09:47 PM

You shouldn't need to touch the fixups if you want to just block specific ports.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card