basic block command

I'm wanting to block single ip addresses from accessing the WAN. The ip's will be identified as possible virus carriers (from remote sniffing of the network). This will give me some time to clean up the offending boxes. I plan on using an access list such as "access-list 101 deny ip 192.168.x.x"
Does this seem correct?
Thanks
gaskewAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Don JohnstonConnect With a Mentor InstructorCommented:
Close. If you're only trying to block access based on where it's coming from, use a standard access list (1-99)

Router#config t
Router(config)#access-list 1 deny 192.168.1.2 0.0.0.0
Router(config)#access-list 1 deny 192.168.1.3 0.0.0.0
Router(config)#access-list 1 deny 192.168.1.4 0.0.0.0
Router(config)#interface (wherever it's coming from)
Router(config-if)#ip access-group 1 in

-Don
0
 
gaskewAuthor Commented:
Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.