Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to allow access through port 80 for certain hosts

I have port 80 blocked (we use a filter and redirect to port 8760) using access-lists but need access to certain web pages through port 80 such as encyclopedias, etc.

2 REPLIES
Cisco Employee

Re: How to allow access through port 80 for certain hosts

A little bit more information would be useful here, please try and remember that we have no idea what you're trying to do so be as clear as possible in your description.

If you're trying to go to certain web sites OUTBOUND thru a PIX, then one option is to use a WebSense or N2H2 server in conjunction with the PIX. AS the PIX sees outbound HTTP requests it'll ask the server if it's an allowed URL, if the server says yes then the PIX will allow the connection.

See the "filter url" command detailed here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#1039734

Alternatively if the web sites you want to access have static IP addresses just allow port 80 thru to those servers specifically and deny port 80 to everywhere else, although you'll have to watch out tha tthey don't change their IP address every now and then. If the servers resolve to a number of IP addresses then you'll have to allow access to all of those.

If I've gotten the wrong interpretation of what you're trying to do, please provide more information and we'll help you out.

New Member

Re: How to allow access through port 80 for certain hosts

The filter is external housed at the ISP. I have solved the problem, it was the order of the access-list commands, I had the permits after the denys, switched them and it worked fine.

Thanks for the help!

150
Views
0
Helpful
2
Replies
CreatePlease login to create content