Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
298
Views
0
Helpful
2
Replies

PIX 515e Security Group

reeddavid
Level 1
Level 1

‎12-12-2007 06:09 AM - edited ‎02-21-2020 01:49 AM

I am having trouble finding a way to give different users access to different parts of my network. It looks like I can only limit access to everyone.

Any help would be great.

0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎12-12-2007 11:19 AM

You can change the ACL from any to a host or range of IPs. For example here's an ACL that would block all the 192.168.10 /24 users but allow all other 192.168. users.

access-list inside_out extended deny 192.168.10.0 255.255.255.0 any eq 80

access-list inside_out extended permit 192.168.0.0 255.255.0.0 any eq 80

HTH

0 Helpful

1cmerchant
Level 1
Level 1

‎12-12-2007 01:01 PM

You can also use the object-group commands within ACL's to group similar objects together when they share common networks, ports, etc.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card