Calhoun, Heath wrote: > I am attempting to block the multimedia search program kazaa on a pix 515 > running ios 4.4. > Pinging the Kazaa website, I got a address of 213.248.107.10. The program > uses port 1214. > I need to block any access to the website and to the program. I have tried > several conduits > without success. > > Any help is appreciated. > > Heath Calhoun >
Assuming you have a two interface Pix, you can set up an access list for outgoing traffic. access-list 1 deny tcp any host 213.248.107.10 eq 1214 access-list 1 deny udp any host 213.248.107.10 eq 1214 access-list 1 permit tcp any any access-list 1 permit udp any any access-list 1 permit icmp any any Then place the access list on the inside interface: access-group 1 in interface inside This rule will block traffic to that address and port, and then allow all other outbound connections. HTH Rich -- Richard Walsh Systems Administrator Mission Critical Linux [EMAIL PROTECTED]