Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

basic block command

I'm wanting to block single ip addresses from accessing the WAN. The ip's will be identified as possible virus carriers (from remote sniffing of the network). This will give me some time to clean up the offending boxes. I plan on using an access list such as "access-list 101 deny ip 192.168.x.x"
Does this seem correct?
Thanks
0
gaskew
Asked:
gaskew
1 Solution
 
Don JohnstonInstructorCommented:
Close. If you're only trying to block access based on where it's coming from, use a standard access list (1-99)

Router#config t
Router(config)#access-list 1 deny 192.168.1.2 0.0.0.0
Router(config)#access-list 1 deny 192.168.1.3 0.0.0.0
Router(config)#access-list 1 deny 192.168.1.4 0.0.0.0
Router(config)#interface (wherever it's coming from)
Router(config-if)#ip access-group 1 in

-Don
0
 
gaskewAuthor Commented:
Thanks!
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now