Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure the PIX 500 Series Firewall with software version 6.x in order to block the MSN messenger with the access-list command

Core issue

MSN changes the ports dynamically. The access-list command can block the traffic to all the IP addresses and port numbers on which MSN works, in order to block all the connections to that site. The access-list command blocks the connections to the MSN site from the inside to the outside through the PIX Firewall.

Resolution

In order to block access to MSN messenger (instant messaging), try these commands:

  • access-list block-msn deny tcp any any eq 1863

  • access-list block-msn deny tcp any host 65.54.239.80 eq www

  • access-list block-msn deny tcp any host 65.54.239.81 eq www

  • access-list block-msn deny tcp any host 207.68.178.61 eq www

  • access-list block-msn deny tcp any host 207.46.3.4 eq www

  • access-list block-msn deny tcp any host 65.54.183.202 eq www

  • access-list block-msn deny tcp any host 207.46.96.142 eq www

  • access-list block-msn permit ip any any

  • access-group block-msn in interface inside


Note: The IP addresses given are those of the MSN messenger servers IP addresses on port TCP 80.

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 04:07 PM
Updated by:
 
Labels (1)