If want outbound ACL just for the specified port (9001) then you'd do the following:
You need to create ACL on the inside interface i.e.
> access-list inside permit tcp host any eq 9001
Now configure the above ACL to the inside interface with the following:
> access-group inside in interface inside
The above ACL will only allow outbound traffic for port 9001, the best way to write a ACL would be on text editor (notepad) as follows:
no access-list inside
access-list inside permit tcp host any eq 9001
access-group inside in interface inside
..then copy the above and in config mode on the pix paste back in, make sure to do wr m (write memory) and that should do it. Also it would be good to use a static ip address for the inside host rather then a dynamic ip address (DHCP IP Address).
Of course I don't really know which pix IOS you are running but if are running pix IOS version 6.0+ then the above should be okay.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...