Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

IM block from PIX

Hi Guys,

Do you know how to block IM's from PIX 535?.

Thx

2 REPLIES
Silver

Re: IM block from PIX

In order to block connectivity to IM services, use Access Control Lists (ACLs) in order to block the ports that these clients use. This is a list of generic ports used with the messaging services currently available:

Common ports

Internet Relay Chat (IRC) - TCP 6667 and 6660 through 6670 (the default being 6667)

Common IRC - TCP 6665 through 6669

AOL Intern ICQ - TCP 5190, dyn greater than or equal to 1024

AOL Instant Messenger - TCP and User Datagram Protocol (UDP) 5190 through 5193

MSN - TCP 1863

Yahoo Voice Chat - TCP 5000 and 5001, and UDP 5000 through 5010

This is an example of an ACL that blocks the MSN traffic on the PIX outbound, while it permits all other traffic:

access-list block-msn deny tcp any any eq 1863

access-list block-msn permit ip any any

access-group block-msn in interface inside

Yahoo Messages - TCP 5050

Yahoo Webcams - TCP 5100

Re: IM block from PIX

Thx breniz..

97
Views
3
Helpful
2
Replies