Question about Cisco PIX 515E Firewall

1 Answer

I want to block an outside IP-address and some sites on PIX 515E

Posted by Anonymous on

Ad

1 Answer

Anonymous

  • Level 1:

    An expert who has achieved level 1.

    MVP:

    An expert that gotĀ 5 achievements.

    Governor:

    An expert whose answer gotĀ voted for 20 times.

    New Friend:

    An expert that has 1 follower.

  • Contributor
  • 34 Answers

Assuming you are running the latest version.
Short answer:
# access-list acl-outside line 1 deny ip IPYOUWANTTOBLOCK 255.255.255.255 any # write memory
The link below contains a longer helpful explanation: http://www.velocityreviews.com/forums/t35733-how-to-block-external-ip-address-on-pix-515e.html
I hope this helps.

Posted on Nov 16, 2009

Testimonial: "Thanks for the solution. Its really informative"

Ad

Add Your Answer

×

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

2 Answers

I have two Cisco routers one is a 501Pix(located at branch Office), the other is a 515E Pix (located at main office). I've configured a vpn tunnel to the router at the main office. The router at the branch...


Hi,
  1. Please check whether the Tunnel Phase 1 and Phase 2 are Up.If Not Proceed Next, if Yes Proceed to point 4
  2. Please check the peer IP is reachable
  3. Please check the configuration and the encapsulation method used
  4. Check whether in the Match Address whether the IP has been Allowed If Yes Proceed Next
  5. The Branch PIX will be in the Outside interface of the Main PIX, security Level will be enabled so do NAT. If Yes Proceed next
  6. If unable to ping enable the Inspect ICMP in the global policy to enable ping If Yes
  7. If all The above are done. please check the routes between the 2 remote computer.
Please check all the above point, surely your problems will be solved

Feb 26, 2011 | Cisco PIX 501 Firewall

1 Answer

How to configure MAC access list at PIX 515


The PIX is a layer 3 device, I cant say that I have ever tried to filter a mac address. I'm pretty sure you cant

Jan 02, 2010 | Cisco PIX 515E Firewall

1 Answer

Cisco pix 515 workstations cant get outside pix can


You have to create a route statement to allow workstations to get online.

Below is the command:
route interface_name ip_address netmask gateway_ip

Example:
route outside 0.0.0.0 0.0.0.0 200.200.200.1
or
route outside 0 0 200.200.200.1

When there is already a route statement but still cannot get online, check the DNS settings.

Oct 08, 2009 | Cisco PIX 515E Firewall

1 Answer

How ti block the orkut in cisco firewall pix515E


you can only block orkut sites that you know by IP but the Pix alone cannot do it since it requires an application like websense to do URL filtering. If you have the IPs and need help creating the ACLs, feel free to let me know

Apr 11, 2009 | Cisco PIX 515E Firewall

1 Answer

User cannot log on to a web site from our network


please check after disabling javascript/activex filtering on your firewall only for this site.
If you could post me the configuration then it would be really good.

Apr 06, 2009 | Cisco PIX 515E Firewall

2 Answers

Pix 515 E allow few websites only.


Do the nslookup for the three websites and write an access list to permit the traffic only to the said website ip addresses

Eg.

1. go to dos prompt

2. type "nslookup"

3. type "www.rediff.com

Note : You will get the ip address of the websites

4. Create an object group for these websites

5. Add ip addresses of the websites

6. create an access-control list element to permit the traffic from your circle office to this object group for port tcp 80 and 443

You are done

Mar 09, 2009 | Cisco PIX 515E Firewall

1 Answer

Pix 515E inside to outside translation problem


Dear Kiran,

What is the name assigned for isp 1 as well as isp2.

for your reference kindly find the sample configuration......
ISP 1:
interface ethernet 0 100 full
nameif outside security-lvl 0
ip address outside 203.193.129.132 255.255.255.240.
nat (inisde) 1 (local network)
global (outside) 1 203.193.129.133
route outside 0 0 203.193.129.129.1.

regards,
mani.S

Mar 09, 2009 | Cisco PIX 515E Firewall

1 Answer

Could u tel me any firewall software plz


try www.opendns.org
set up in 5 minutes, need some knowledge in dns.

You have to register and validate a link from the internet IP you want to filter.
This ip may be dynamically assigned.

Commercial : websense

Feb 18, 2009 | Cisco PIX 515E Firewall

2 Answers

Restricting websites at router or firewall level


Hello,

The pix does not allow you to block urls except if you use it in conjunction with websense for example. You could however deny all outgoing traffic to port 80 except for the ip address of the websites you want to be able to access.

To do that you would setup an access-list allowing you internal network to access certain ips on port 80 and deny all other traffic outgoing.

Let me know if you need more information on how to accomplish this.

Jan 04, 2009 | Cisco PIX 515E Firewall

1 Answer

ASA 5510 sec - bun k9


Basic Commands pixfirewall(config)#hostname PIX !--- Naming the PIX is optional. PIX(config)#nameif ethernet2 fo security20 !--- Naming the interface is optional. It is recommended that you !--- hardcode the speed/duplex. PIX(config)#interface ethernet2 100full !--- Bring up the interface. PIX(config)#ip address fo 192.168.1.1 255.255.255.0 !--- Assign an IP address. Failover Commands PIX(config)#failover ip address fo 192.168.1.2 !--- IP address for the failover link. PIX(config)#failover lan unit primary !--- This unit is primary . PIX(config)#failover lan interface fo !--- The 'fo' interface is used for LAN failover. PIX(config)#failover lan key cisco !--- The Pre-shared key. PIX(config)#failover lan enable !--- Enables failover. PIX(config)#failover !--- Start the failover process. This message appears on the console:
LAN-based Failover: trying to contact peer failover_01.gifLAN-based Failover: Send hello msg and start failover monitoring

Nov 27, 2007 | Cisco ASA 5510 Firewall

Not finding what you are looking for?
Cisco PIX 515E Firewall Logo

Related Topics:

350 people viewed this question

Ask a Question

Usually answered in minutes!

Top Cisco Computers & Internet Experts

Muntejaya Ginting
Muntejaya Ginting

Level 3 Expert

10422 Answers

Mike

Level 3 Expert

4369 Answers

Marvin
Marvin

Level 3 Expert

85239 Answers

Are you a Cisco Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...