Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1727
Views
5
Helpful
5
Replies

Re-doing firewall rules

harrisgirls
Level 1
Level 1

‎04-27-2012 11:00 AM - edited ‎03-07-2019 06:22 AM

Hi,

I want to lock down my firewall, basically anyone on the inside of the network can connect to any resource to the internet (msn, torrents, rdp etc etc).

I want to lock down my firewall so that only http, https, smtp is allowed (i can add more later).

What command lines would I do for the following there?

Labels:
0 Helpful
5 Replies 5

Henrik Grankvist
Level 4
Level 4

‎04-27-2012 11:27 AM

Are you using Cisco IOS firewall or ASA?

0 Helpful

harrisgirls
Level 1
Level 1
In response to Henrik Grankvist

‎04-27-2012 11:51 AM

Cisco PIX 515

0 Helpful

harrisgirls
Level 1
Level 1
In response to harrisgirls

‎04-27-2012 03:51 PM

anyone

0 Helpful

harrisgirls
Level 1
Level 1
In response to harrisgirls

‎04-29-2012 09:55 AM

Is anyone able to help?

0 Helpful

John Blakley
VIP Alumni
VIP Alumni
In response to harrisgirls

‎04-29-2012 10:09 AM

If you don't have an acl on the inside interface, the Pix allows all traffic out by default. In order to control what goes out, you'll need an acl Anything that's not in the list will be denied. To do this on the Pix would be like the following:

access-list INSIDE permit tcp any any eq 443

access-list INSIDE permit tcp any any eq 80

access-list INSIDE permit tcp any any eq 25

access-group INSIDE in interface Inside

HTH,

John

Please rate all useful posts...

HTH, John *** Please rate all useful posts ***
Customers Also Viewed These Support Documents