Blocking outgoing traffic on 4.4

m.long
Level 1

I have come across a new client who is using a pix 515 with ver 4.4.

I want to limit outgoing traffic to only 80,443,21 and ideally only a couple of pcs.

I assume I should be using the conduit command but I can work out how to apply it.

3 Replies

brford
Cisco Employee

No. You don't need conduits. They poke holes through from the outside.

Use access lists instead.

Liberty for All,

Brian

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.

access-lists ? in 4.4?

no way, go for outbound and apply instead:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v44/pix44cfg/pix44cmd.htm#xtocid892831

regards

ralf krist

thompson
Level 1

You may want to consider an IOS upgrade (if you can) but for 4.4 you would need something like this. Don't forget DNS!!!

outbound 1 permit 0.0.0.0 0.0.0.0 80 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 443 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 21 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 53 udp
outbound 1 deny 0.0.0.0 0.0.0.0
apply (inside) 1 outgoing_src
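A small model of how such a list behaves, added here as an example and not part of any post in this thread: it parses the outbound/apply syntax used above, narrows the list to two inside PCs (assumed addresses 192.168.1.10 and 192.168.1.11 on an assumed 192.168.1.0/24 LAN) as the original question asked, and checks sample flows against it. The best-match evaluation order and the permit-by-default when no entry matches are assumptions of this model, not something the thread states.

```python
import ipaddress

# Constructed sample config: the list posted above, narrowed to two inside PCs
# (assumed addresses 192.168.1.10 and .11 on an assumed 192.168.1.0/24 LAN).
PIX_CONFIG = """
outbound 1 permit 192.168.1.10 255.255.255.255 80 tcp
outbound 1 permit 192.168.1.10 255.255.255.255 443 tcp
outbound 1 permit 192.168.1.11 255.255.255.255 80-443 tcp
outbound 1 permit 192.168.1.0 255.255.255.0 53 udp
outbound 1 deny 0.0.0.0 0.0.0.0
apply (inside) 1 outgoing_src
"""

def parse_outbound(text, list_id):
    """Parse 'outbound <id> permit|deny addr mask [port[-port] [proto]]' lines
    into (action, network, (low, high) or None, proto or None) tuples."""
    rules = []
    for line in text.splitlines():
        p = line.split()
        if len(p) < 5 or p[0] != "outbound" or p[1] != str(list_id):
            continue
        net = ipaddress.IPv4Network(f"{p[3]}/{p[4]}", strict=False)
        ports = None
        if len(p) > 5 and p[5] != "0":          # port 0 means any port
            lo, _, hi = p[5].partition("-")
            ports = (int(lo), int(hi or lo))
        proto = p[6].lower() if len(p) > 6 else None
        rules.append((p[2], net, ports, proto))
    return rules

def evaluate(rules, src, dport, proto):
    """Best-match model (an assumption of this example): the most specific matching
    entry wins, scored by prefix length, then whether a port and a protocol were
    given; deny wins an exact tie. No match is modelled as permit, which is why
    the posted list ends with a deny-all entry."""
    best = None
    for action, net, ports, rproto in rules:
        if ipaddress.IPv4Address(src) not in net:
            continue
        if ports and not (ports[0] <= dport <= ports[1]):
            continue
        if rproto and rproto != proto:
            continue
        score = (net.prefixlen, ports is not None, rproto is not None, action == "deny")
        if best is None or score > best[0]:
            best = (score, action)
    return best[1] if best else "permit"

RULES = parse_outbound(PIX_CONFIG, 1)
```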