i've make a access-list and a ip inspect on e1 but when i make a port-scann, i recive that i have same port open and same port close but unsecure. can i solve?
Use command "access-list 101 deny tcp any any eq req_port" or "access-list 101 deny udp any any eq req_port" depending upon the port and the protocol you want to block. Following link may help you