04-04-2007 10:29 AM - edited 03-05-2019 03:18 PM
Hi Guys,
Do you know how to block IM's from PIX 535?.
Thx
04-10-2007 06:34 AM
In order to block connectivity to IM services, use Access Control Lists (ACLs) in order to block the ports that these clients use. This is a list of generic ports used with the messaging services currently available:
Common ports
Internet Relay Chat (IRC) - TCP 6667 and 6660 through 6670 (the default being 6667)
Common IRC - TCP 6665 through 6669
AOL Intern ICQ - TCP 5190, dyn greater than or equal to 1024
AOL Instant Messenger - TCP and User Datagram Protocol (UDP) 5190 through 5193
MSN - TCP 1863
Yahoo Voice Chat - TCP 5000 and 5001, and UDP 5000 through 5010
This is an example of an ACL that blocks the MSN traffic on the PIX outbound, while it permits all other traffic:
access-list block-msn deny tcp any any eq 1863
access-list block-msn permit ip any any
access-group block-msn in interface inside
Yahoo Messages - TCP 5050
Yahoo Webcams - TCP 5100
04-10-2007 06:42 AM
Thx breniz..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide