×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Configure PIX to block outbound traffic.

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gfullage Mon, 09/29/2003 - 17:34
User Badges:
  • Cisco Employee,

Always remember that there's an implict "deny everything" at the end of an access-list. By adding one line with a specific deny as you have, there's an additional line after that that says "deny everything else" and so everything is blocked. What you want is the following:


access-list inside_access_out deny ip any 63.246.130.0 255.255.255.255

access-list inside_access_out permit ip any any

access-group inside_access_out in interface inside


and you should be good to go.

jjknuckle Mon, 09/29/2003 - 22:41
User Badges:

Will the Pix translate the address/mask to all hosts on that network given the mask of 255.255.255.255?

Actions

This Discussion