Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
928
Views
0
Helpful
4
Replies

using object-group

mindorewala
Community Member

‎07-29-2005 06:24 PM - edited ‎03-09-2019 12:00 PM

I would like to block all ports by default on outside interface on firewall.

Only selected ports should be open.

Pls. find the attached firewall config.

If i remove the below line from config (page 1: second last line)

access-list intf2_access_in permit ip any any

(page 2: 3rd line from top)

access-list outside_access_in permit ip any any

traffic doesn't flow.

What could be wrong and how can we resolve and apply object group for port blocking.

Labels:
4480-PIX 515E Config.doc
0 Helpful
4 Replies 4

mehrdad
Level 7
Level 7

‎07-29-2005 08:06 PM

check this out :

access-list intf2_access_in permit tcp any any eq object-group allow

Regards,

Mehrdad Arshad Rad

0 Helpful

mindorewala
Community Member
In response to mehrdad

‎07-30-2005 04:56 AM

any effect on the NAT, if i apply this statement!!!!

Thanx a million

Regards,

Mustafa Indorewala

0 Helpful

mindorewala
Community Member
In response to mehrdad

‎07-31-2005 12:05 AM

I checked this command, but it doesn't accept.

Regards,

Mustafa

0 Helpful

mehrdad
Level 7
Level 7
In response to mindorewala

‎07-31-2005 12:20 AM

use it without 'eq' operator, like below :

access-list intf2_access_in permit tcp any any object-group allow

0 Helpful
Customers Also Viewed These Support Documents