Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

blocking inbound traffic on FWSM

We have a server which should not listen on port 80 on FWSM. Tried blocking traffic using access-list WEBSERVERS_access_out extended deny tcp host 10.80.201.95 eq www any but didnt work. Need a solution with out using explicit deny statements towards this server/port on other interfaces.

1 REPLY
Silver

Re: blocking inbound traffic on FWSM

You should put the access list on the interface of fwsm which is connected to the server in the inbound direction. This will block all conection attempts to the server from the outside. However the server will still be listening to port 80 if web server or HTTP server is running on it. Disable HTTP server or block port 80 manually on the server to disable server from listening to port 80.

120
Views
0
Helpful
1
Replies
CreatePlease to create content