Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
228
Views
0
Helpful
2
Replies

Block a specific ip...

hornbeck
Level 1
Level 1

‎08-03-2006 02:06 PM - edited ‎03-09-2019 03:48 PM

Hello,

What is the command syntax to block a single incoming ip address on a pix515e?

TIA,

Gary

Labels:
0 Helpful
2 Replies 2

sean
Level 3
Level 3

‎08-03-2006 02:20 PM

Are you running 6 code or 7 code?

0 Helpful

Fernando_Meza
Level 7
Level 7

‎08-03-2006 10:08 PM

Hi .. try the shun command

In the following example, the offending host (10.1.1.27) makes a connection with the victim (10.2.2.89)

with TCP. The connection in the PIX Firewall connection table reads:

10.1.1.27, 555-> 10.2.2.89, 666 PROT TCP

If the shun command is applied in the following way:

shun 10.1.1.27 10.2.2.89 555 666 tcp

The preceding command would delete the connection from the PIX Firewall connection table, and it

would also prevent packets from 10.1.1.27 from going through the PIX Firewall. The offending host can

be inside or outside of the PIX Firewall.

If you use shun x.x.x.x it will block any packets coming from source x.x.x.x

I hope it helps .. please rate it if it does !!!!

0 Helpful
Customers Also Viewed These Support Documents