[afnog] Web access blocking

Mark Tinka mtinka at africaonline.co.sz
Fri May 13 14:05:00 EAT 2005


On Friday 13 May 2005 12:35, Moussa  BAGAYOKO wrote:
> Alain,
>
> My purpose is to deny Internet access to networks
> (about 10) behind my pix-525 inside interface; not web
> access on host in my DMZ.

Can you draw a network diagram (ASCII?) showing current 
flow of packets, and what it is you want to achieve?

Mark.

>
> I've got 2 pixs in failover that have behind inside
> interface many networks; outside interface is
> connected at last rtr cisco rtr 2611 before my ISP
> link.
>
> I tried to configure that with pix device manager pdm
> but it denied access for my entire network. PDM put
> this access rule at the top of ACL page and it
> generates the following command for one network e.g.:
>
> names
> name 111.2222.333.0 myname
>
> access-list inside_access_in deny tcp myname
> 255.255.255.0 any eq www
>
>
> Best Regards
>
>
> Moussa K BAGAYOKO
> IT Officer
> Banque de Développement du Mali
> Av Modibo KEITA  Bamako MALI
> Tel: +223 222 31 84
>       +233 630 40 53
>
> > -----Original Message-----
> > From: AINA ALAIN PATRICK(TRS) [mailto:aalain at trstech.net]
> > Sent: Wednesday 11 May 2005 09:06
> > To: Moussa BAGAYOKO
> > Cc: afnog at afnog.org
> > Subject: Re: [afnog] Web access blocking
> >
> > Moussa,
> >
> > > Someone can help me please to how to block a web
> > > access from specific block IP address behind inside
> > > interface on Cisco pix-525. The inside interface
> > > is connected to cisco router 3745.
> >
> > can you provide more infos on how this works ?
> >
> > --alain
>