Re: Block Adobe Updates

adamdaviddoyle · ‎08-23-2006

Hello All,

We are having a problem with machines enabled to auto update to adobe's llnw.net update servers. we'd like to block all llnw.net traffic completely.

i originally thought I would use a conduit deny statement to do this. But I am having trouble getting that to work.

Can anyone help me w/ blocking inbound traffic from a specific network block 12.120.0.0 ?

Thanks in advance,

i have a Cisco PIX-515E with PIX Firewall Version 6.3(1)

grant.maynard · ‎08-23-2006

the traffic will be outbound to 12.120.x.x - the client will request the update.

conduits are well out of date and you should use access-lists. With 6.3(1) that would have to be an inbound access-list on the inside interface. Without seeing the config I can't be more precise.

adamdaviddoyle · ‎08-23-2006

Here is the config file.

Let me know what you think.

grant.maynard · ‎08-23-2006

I do recommend chnaging your conduit into an access-list.

the to stop traffic to those IPS:

access-list in_inside deny tcp any 12.120.0.0 255.255.0.0

access-list in_inside permit ip any any

access-group in_inside in interface inside

adamdaviddoyle · ‎08-24-2006

Thanks,

It works like a charm.

nizam22769 · ‎08-31-2006

Hi,

I tried using your method to block adobe updates but unsuccessful.

Please help.

I have attach my acl for your reference.

Thanks.