08-03-2006 02:06 PM - edited 03-09-2019 03:48 PM
Hello,
What is the command syntax to block a single incoming ip address on a pix515e?
TIA,
Gary
08-03-2006 02:20 PM
Are you running 6 code or 7 code?
08-03-2006 10:08 PM
Hi .. try the shun command
In the following example, the offending host (10.1.1.27) makes a connection with the victim (10.2.2.89)
with TCP. The connection in the PIX Firewall connection table reads:
10.1.1.27, 555-> 10.2.2.89, 666 PROT TCP
If the shun command is applied in the following way:
shun 10.1.1.27 10.2.2.89 555 666 tcp
The preceding command would delete the connection from the PIX Firewall connection table, and it
would also prevent packets from 10.1.1.27 from going through the PIX Firewall. The offending host can
be inside or outside of the PIX Firewall.
If you use shun x.x.x.x it will block any packets coming from source x.x.x.x
I hope it helps .. please rate it if it does !!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide