Community Member

Blocking outgoing traffic on 4.4

I have come across a new client who is using a PIX 515 with ver 4.4.

I want to limit outgoing traffic to only 80, 443, 21 and ideally only a couple of PCs.

I assume I should be using the conduit command but I can work out how to apply it.

3 REPLIES
Cisco Employee

Re: Blocking outgoing traffic on 4.4

No. You don't need conduits. They poke holes through from the outside.

Use access lists instead.

Liberty for All,

Brian

Community Member

Re: Blocking outgoing traffic on 4.4

access-lists? in 4.4?

no way, go for outbound and apply instead:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v44/pix44cfg/pix44cmd.htm#xtocid892831

regards

ralf krist

Community Member

Re: Blocking outgoing traffic on 4.4

You may want to consider an IOS upgrade (if you can), but for 4.4 you would need something like this. Don't forget DNS!!!

outbound 1 permit 0.0.0.0 0.0.0.0 80 tcp

outbound 1 permit 0.0.0.0 0.0.0.0 443 tcp

outbound 1 permit 0.0.0.0 0.0.0.0 21 tcp

outbound 1 permit 0.0.0.0 0.0.0.0 53 udp

outbound 1 deny 0.0.0.0 0.0.0.0

apply (inside) 1 outgoing_src
