Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

You may experience some slow load times, errors, and slight inconsistencies. We ask for your patience as we finalize the launch. Thank you.

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our beta test area to get started.

New Member

How do block a range of ip's via PDM on PIX 501

I need to block a range of ip's, 123.8.0.0 to 123.15.255.255. How do I do that?

  • Firewalling
1 ACCEPTED SOLUTION

Accepted Solutions

Re: How do block a range of ip's via PDM on PIX 501

That's correct. And I made a mistake because the PIX doesn't use inverted masks, so it would be:

123.8.0.0 255.248.0.0

John

HTH, John *** Please rate all useful posts ***
4 REPLIES

Re: How do block a range of ip's via PDM on PIX 501

You can create an acl like:

access-list BLOCKED deny ip 123.8.0.0 0.7.255.255 any

This will cover you from 123.8.0.1 - 123.15.255.254.

HTH,

John

HTH, John *** Please rate all useful posts ***
New Member

Re: How do block a range of ip's via PDM on PIX 501

If i'm using the PDM I assume 123.8.0.0 would be the ip and 0.7.255.255 would be the mask. Is my assumption correct?

Re: How do block a range of ip's via PDM on PIX 501

That's correct. And I made a mistake because the PIX doesn't use inverted masks, so it would be:

123.8.0.0 255.248.0.0

John

HTH, John *** Please rate all useful posts ***
New Member

Re: How do block a range of ip's via PDM on PIX 501

If, as per your subject, you want to do this via PDM, then you need to go to:

Configuration>Access Rules>Access Rules>Add

Looks like this screen:

http://www.netcraftsmen.net/welcher/papers/pdm-fig02.jpg

Then just add a rule as per the previous poster's reply.

162
Views
0
Helpful
4
Replies