Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allow MSN Messenger (and blocking too) on Pix515E

I have Pix 515e and a MS Isa Server 2004

the ISA have the IP 10.1.05 (for example) and I want to manage the msn messenger using the ISA policies, I think that I need to allow to the ISA full access for msn messenger and i have the following configuration (taked from other posts)

object-group service Messenger-UDP udp

description UDP ports to block/give access to MSN Messenger

port-object eq 5055

object-group service Messenger-TCP tcp

description TCP ports to block/give access to MSN Messenger

port-object eq 5000

port-object eq 5001

port-object eq 5100

port-object eq 1863

object-group network Messenger-IPs-Permited

description List of IPs that have access to MSN Messenger

network-object host 10.1.0.5

access-list 101 permit tcp any object-group Messenger-IPs-Permited object-group Messenger-TCP

access-list 101 permit udp any object-group Messenger-IPs-Permited object-group Messenger-UDP

I don't know (I'm a newbie) if I have to do something more, because it isn't working.

2 REPLIES

Re: Allow MSN Messenger (and blocking too) on Pix515E

Do you have NAT set up for 10.1.0.5? ("show static", "show nat" and "show global" will tell)

I think that you're meaning to allow 10.1.0.5 to go out to the internet, in which case your ACL is the wrong way round, it should be

access-list 101 permit tcp object-group Messenger-IPs-Permited any object-group Messenger-TCP

access-list 101 permit udp object-group Messenger-IPs-Permited any object-group Messenger-UDP

and applied inbound to the inside interface.

Perhaps if you posted the config it would be easier.

New Member

Re: Allow MSN Messenger (and blocking too) on Pix515E

yes...

show nat, give me...

nat (inside) 1 10.1.0.5 255.255.255.255 0 0

138
Views
0
Helpful
2
Replies
CreatePlease login to create content