Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515e Security Group

I am having trouble finding a way to give different users access to different parts of my network. It looks like I can only limit access to everyone.

Any help would be great.

2 REPLIES

Re: PIX 515e Security Group

You can change the ACL from any to a host or range of IPs. For example here's an ACL that would block all the 192.168.10 /24 users but allow all other 192.168. users.

access-list inside_out extended deny 192.168.10.0 255.255.255.0 any eq 80

access-list inside_out extended permit 192.168.0.0 255.255.0.0 any eq 80

HTH

New Member

Re: PIX 515e Security Group

You can also use the object-group commands within ACL's to group similar objects together when they share common networks, ports, etc.

119
Views
0
Helpful
2
Replies