PIX 515e Security Group

Unanswered Question
Dec 12th, 2007
User Badges:

I am having trouble finding a way to give different users access to different parts of my network. It looks like I can only limit access to everyone.

Any help would be great.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Wed, 12/12/2007 - 11:19
User Badges:
  • Purple, 4500 points or more

You can change the ACL from any to a host or range of IPs. For example here's an ACL that would block all the 192.168.10 /24 users but allow all other 192.168. users.

access-list inside_out extended deny any eq 80

access-list inside_out extended permit any eq 80


1cmerchant Wed, 12/12/2007 - 13:01
User Badges:

You can also use the object-group commands within ACL's to group similar objects together when they share common networks, ports, etc.


This Discussion