08-23-2006 06:58 AM - edited 03-09-2019 03:59 PM
Hello All,
We are having a problem with machines enabled to auto update to adobe's llnw.net update servers. we'd like to block all llnw.net traffic completely.
i originally thought I would use a conduit deny statement to do this. But I am having trouble getting that to work.
Can anyone help me w/ blocking inbound traffic from a specific network block 12.120.0.0 ?
Thanks in advance,
i have a Cisco PIX-515E with PIX Firewall Version 6.3(1)
08-23-2006 07:32 AM
the traffic will be outbound to 12.120.x.x - the client will request the update.
conduits are well out of date and you should use access-lists. With 6.3(1) that would have to be an inbound access-list on the inside interface. Without seeing the config I can't be more precise.
08-23-2006 09:36 AM
08-23-2006 02:43 PM
I do recommend chnaging your conduit into an access-list.
the to stop traffic to those IPS:
access-list in_inside deny tcp any 12.120.0.0 255.255.0.0
access-list in_inside permit ip any any
access-group in_inside in interface inside
08-24-2006 03:30 AM
Thanks,
It works like a charm.
08-31-2006 07:25 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: