-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 if upgrading the pix software is an option i would suggest converting to access-lists but you can do it with outbound and apply commands.
conduits only control inbound traffic, if you want to stop users from getting out you need to setup outbound and apply commands. to shut down access on port 80 to ip 213.248.107.10 it would look something like this. outbound 13 deny 213.248.107.10 255.255.255.255 80 tcp apply (inside) 13 outgoing_dest the apply command needs the interface you want to apply the outbound rule to. if you want to apply it to the destination ip use outgoing_dest or source ip use outgoing_src. Julius On 7 Jan 2002 at 20:34, Calhoun, Heath wrote: > > > I am attempting to block the multimedia search program kazaa on a pix 515 > running ios 4.4. > Pinging the Kazaa website, I got a address of 213.248.107.10. The program > uses port 1214. > I need to block any access to the website and to the program. I have tried > several conduits > without success. > > Any help is appreciated. > > Heath Calhoun -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 -- QDPGP 2.61c iQA/AwUBPDsPzXC9PZJ6a2iKEQJ3FQCfVaX4upvidO9iuZYOXF0VbJ7FlqIAniBP R88+vDdP52gW9VYsu49qocGl =MevP -----END PGP SIGNATURE-----