lizardqueen007
asked on
access list blocking my telnet.
hi, router newbe question: re: cisco 2524 ios version 11
I am trying to block the ip addresses from a website that is always connected to my smtp. This website apparently owns a block because the specific address is alway different in the last octet.
i tried using RouterA(config)#access-lis t 1 deny 203.66.88.0 0.0.0.255
and then
RouterA>enable
RouterA#config t
RouterA(config)# int s0
RouterA(config-if)#ip access-group 1 in
My problem is that as soon as I entered the last command, I was kicked off the telnet and can not reconnect. I'm sure this is a dumb newbe mistake. FYI my ip address is NOT 203.66.88.0
Laura
I am trying to block the ip addresses from a website that is always connected to my smtp. This website apparently owns a block because the specific address is alway different in the last octet.
i tried using RouterA(config)#access-lis
and then
RouterA>enable
RouterA#config t
RouterA(config)# int s0
RouterA(config-if)#ip access-group 1 in
My problem is that as soon as I entered the last command, I was kicked off the telnet and can not reconnect. I'm sure this is a dumb newbe mistake. FYI my ip address is NOT 203.66.88.0
Laura
Hopefully you have s serial console cable and can connect via the console port to fix your telnet problem.
I am not sure from a router you can block e-mail from a domina. You can block it by address, but are you 100% sure that the offending e-mail is really coming from hinet.net and not being spoofed or relayed through an open SMTP relay?
I am not sure from a router you can block e-mail from a domina. You can block it by address, but are you 100% sure that the offending e-mail is really coming from hinet.net and not being spoofed or relayed through an open SMTP relay?
You can not block domain name by using only a router. If you know the IP address range of the domain you are blocking, go ahead use the access-list as you did but with another line added. Please add the following line also.
access-list 1 permit any
access-list 1 permit any
ASKER
yes I can use hyperterminal and now that I am at the location (51 miles away ouch!) I restarted the router and the config went back to startup.
I still would like to create an access list if possible. No I am not positive that the ip is not spoofed except for using the whois. I was mostly experimenting with access lists and I do not understand why the router kicked me off. I also figured so what if I block all traffic from
inetnum: 61.216.0.0 - 61.219.255.255
netname: HINET-TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100
Do I really care?
If this is a stupid thing to do, please tell me.
I still would like to create an access list if possible. No I am not positive that the ip is not spoofed except for using the whois. I was mostly experimenting with access lists and I do not understand why the router kicked me off. I also figured so what if I block all traffic from
inetnum: 61.216.0.0 - 61.219.255.255
netname: HINET-TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100
Do I really care?
If this is a stupid thing to do, please tell me.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks again Irmoore- Maybe I should have split some points because everyone has been helpful, but I haven't forgotten giltr that you are helping me alot and I will make sure points are given on other questions. Believe me, I have a lot of questions.
Thank everyone this is a great resource.
Thank everyone this is a great resource.
ASKER