Access-list configuration to deny www

Unanswered Question
Apr 28th, 2008
User Badges:

Hi,


we have two cisco core switch , 6 access-switch and 7 VLAN has been configured. now i want to block www access for the VLAN 11.

VLAN 11 ip range: 10.138.74.192 255.255.255.192

what access-list i need to configure in the core switch.

please assist in this issue..


thanx,

som


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Istvan_Rabai Mon, 04/28/2008 - 21:07
User Badges:
  • Gold, 750 points or more

Hi Som,


The access-list will be:


access-list 101 deny tcp 10.138.74.192 0.0.0.63 any eq www

access-list 101 permit ip any any


Don't forget to apply this access-list to the appropriate interface outbound.


Cheers:

Istvan

Goutam Sanyal Mon, 04/28/2008 - 21:20
User Badges:
  • Silver, 250 points or more

Hi, Core Switch, Which one? You need to configure a VLAN-ACL. Define the policy, bonding with access-map, set the action and match the ACL number. Thanks Goutam Pls rate if it helps you!!!

Actions

This Discussion