Access-list configuration to deny www

Unanswered Question
Apr 28th, 2008

Hi,

we have two cisco core switch , 6 access-switch and 7 VLAN has been configured. now i want to block www access for the VLAN 11.

VLAN 11 ip range: 10.138.74.192 255.255.255.192

what access-list i need to configure in the core switch.

please assist in this issue..

thanx,

som

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Istvan_Rabai Mon, 04/28/2008 - 21:07

Hi Som,

The access-list will be:

access-list 101 deny tcp 10.138.74.192 0.0.0.63 any eq www

access-list 101 permit ip any any

Don't forget to apply this access-list to the appropriate interface outbound.

Cheers:

Istvan

Goutam Sanyal Mon, 04/28/2008 - 21:20

Hi, Core Switch, Which one? You need to configure a VLAN-ACL. Define the policy, bonding with access-map, set the action and match the ACL number. Thanks Goutam Pls rate if it helps you!!!

Actions

This Discussion