I have a pix
515E and would like to block traffic of certin ip subnets.
I am receiving so many hits from there to my email server SMTP port.
i manually blocked ip
220.127.116.11 ip's from china and creating spam on my mail server.
insted of each ip i want to block 18.104.22.168 and 22.214.171.124
how can i get this done ?
thanx for the response jon
i am not alot fimilier with pix but from the web interface (PDM) i added rule like this and its blocking traffic from that ip
access-list acl_out_to_in line 40 extended deny object-group DM_INLINE_SERVICE_1 host 126.96.36.199 any 0x960c8531
access-list acl_out_to_in line 40 extended deny ip host 188.8.131.52 any (hitcnt=21650) 0x47f4e704
access-list acl_out_to_in line 40 extended deny tcp host 184.108.40.206 any (hitcnt=0) 0xe6059313
access-list acl_out_to_in line 40 extended deny tcp host 220.127.116.11 any eq smtp (hitcnt=0) 0x7e703e53
what i would like to do is block everything from the ip 18.104.22.168 - 22.214.171.124 all hosts. is it possible ?
access-list acl_out_to_in deny tcp 126.96.36.199 255.255.255.0 any eq smtp
note instead of "any" you could actually put the SMTP server address - it's public IP.
If you want to deny all IP
access-list acl_out_to_in deny ip 188.8.131.52 255.255.255.0 any
but be aware that this will stop all IP connections from that subnet to any of your IP addresses.