Blocking HTTP, Allowing POP3

tstay-205 · ‎09-07-2007

We have a Cisco Pix 515E firewall. We would like to restrict a workstation from serving the Internet (HTTP) but allowing it to use the POP3. Can someone guide us on how to do it?

rajbhatt · ‎09-07-2007

Hi,

Ur requirement is not clear .

Is it that u want that machine to access only outbound pop3 and restrict outbound hhtp

If that isthe case :

u can try these :

nat (inside) 1 x.x.x.x 255.255.255.255

global(outside) 1 interaface

access-list abc deny host x.x.x.x any eq http(to check the hit counts)

access-list abc permit host x.x.x.x any eq pop3

access-gr abc in interface inside

Raj

tstay-205 · ‎09-09-2007

I want to restrict the machine from surfing the Internet, but allow them to receive email through POP3...

So do I just need to replace the x.x.x.x with the IP address?

And where do I enter these codes?

Thank you.