02-18-2004 01:12 PM - edited 03-09-2019 06:28 AM
I want to block all outbound traffic to a subnet. Say, 12.34.56.x 255.255.255.0
What is a easiest/best way to accomplish this?
Thanks,
Jay
Solved! Go to Solution.
02-18-2004 01:28 PM
you cannot block outbound on an interface with a pix, you can with IOS. on a pix, you need to block the traffic on a different interface. generally, this is done on the inside interface
access-list inside deny ip any 12.34.56.0 255.255.255.0
access-list inside permit ip any any
access-group inside in interface inside
will block that traffic from entering the inside interface, and thus is will not go thru the pix to the outside world
02-18-2004 01:28 PM
you cannot block outbound on an interface with a pix, you can with IOS. on a pix, you need to block the traffic on a different interface. generally, this is done on the inside interface
access-list inside deny ip any 12.34.56.0 255.255.255.0
access-list inside permit ip any any
access-group inside in interface inside
will block that traffic from entering the inside interface, and thus is will not go thru the pix to the outside world
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide