06-25-2009 11:28 AM - edited 03-11-2019 08:48 AM
Pix 501 I have a device that I 1 - 1 translate from a private to a public so it can be accessed by techs off site. There is someone with an FTP attack on this public IP. Is there a way to block this Subnet from accessing the device?
06-25-2009 12:47 PM
You bet. Let's assume they are coming from 75.50.95.72 /29 network.
access-list outside_access deny tcp 75.50.95.72 255.255.255.248 any eq ftp
You will need to put this above the permit FTP statement.
06-26-2009 10:08 AM
Collin's way can work but what if the attacker changes their address. If possible you should get the IP addresses of the persons that are allowed to connect and change your access list to permit those addresses and block everything else.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide