-2

I want to block my server talking to an external IP address continously.

The IP address in question is I think is being hijacked or spoofed. When Used who.is it resolves to Netherlands. But if you use any other tools it resolves to Jordan.

Any step by step configuration is highly appreciated.

Thank you Kind Regards N

monketrip28
  • 69
  • 3
  • 14
  • 1
    If your ASA 5505 came without the _Cisco ASA 5500 Series Configuration Guide using ASDM_, there is a free copy available on their website. We can help, if you have a problem in understanding some details, but we are not paid for doing your job, like trivial firewall rules. – Esa Jokinen May 07 '17 at 10:33
  • @EsaJokinen, thank you. You are been so kind. First of its nature. but thank you. May you live in peace and harmony. – monketrip28 May 08 '17 at 14:06

1 Answers1

1

Basic.

You can temporarily shun 65.196.220.5 from the ASA's command line.

ewwhite
  • 197,159
  • 92
  • 443
  • 809
  • if I run this cmd, will that block all the connection from the firewall ? – monketrip28 May 08 '17 at 14:07
  • **Yes.** As in [Cisco ASA 5500 Series Command Reference, 8.2](https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/command/reference/cmd_ref/s8.html), `shun source_ip`: "_To block connections from an attacking host, use the `shun` command in privileged EXEC mode. To disable a shun, use the `no` form of this command._" – Esa Jokinen May 08 '17 at 14:10