Cisco Systems ISA550 Manual De Usuario
Firewall
Firewall and NAT Rule Configuration Examples
Cisco ISA500 Series Integrated Security Appliances Administration Guide
280
6
Blocking Outbound Traffic by Schedule and IP Address
Range
Range
Use Case: Block all weekend Internet usage if the request originates from a
specified range of IP addresses.
specified range of IP addresses.
Solution: Create an address object with the range 10.1.1.1 to 10.1.1.100 called
“TempNetwork” and a schedule called “Weekend” to define the time period when
the firewall rule is in effect. Then create a firewall rule as follows:
“TempNetwork” and a schedule called “Weekend” to define the time period when
the firewall rule is in effect. Then create a firewall rule as follows:
Blocking Outbound Traffic to an Offsite Mail Server
Use Case: Block access to the SMTP service to prevent a user from sending email
through an offsite mail server.
through an offsite mail server.
Solution: Create a host address object with the IP address 10.64.173.20 called
“OffsiteMail” and then create a firewall rule as follows:
“OffsiteMail” and then create a firewall rule as follows:
Services
CU-SEEME
Source Address
OutsideNetwork
Destination Address
InternalIP
Match Action
Permit
From Zone
LAN
To Zone
WAN
Services
HTTP
Source Address
TempNetwork
Destination Address
Any
Schedule
Weekend
Match Action
Deny