11-27-2001 07:33 AM - edited 03-08-2019 09:16 PM
I have come across a new client who is using a PIX 515 with ver 4.4.
I want to limit outgoing traffic to only 80, 443, 21 and ideally only a couple of PCs.
I assume I should be using the conduit command but I can work out how to apply it.
11-27-2001 03:28 PM
No. You don't need conduits. They poke holes through from the outside.
Use access lists instead.
Liberty for All,
Brian
11-27-2001 04:48 PM
access-lists ? in 4.4?
no way, go for outbound and apply instead:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v44/pix44cfg/pix44cmd.htm#xtocid892831
regards
ralf krist
12-03-2001 12:41 PM
You may want to consider an IOS upgrade (if you can), but for 4.4 you would need something like this. Don't forget DNS!!!
outbound 1 permit 0.0.0.0 0.0.0.0 80 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 443 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 21 tcp
outbound 1 permit 0.0.0.0 0.0.0.0 53 udp
outbound 1 deny 0.0.0.0 0.0.0.0
apply (inside) 1 outgoing_src