Pravin Phadte Wed, 06/11/2008 - 05:20
User Badges:
  • Silver, 250 points or more

It would look like this:


(config)# access-list 105 deny ip 224.0.0.0 15.255.255.255 any


If there are servers in the address block 10.1.1.0/24 you might only allow multicast comming from offical servers.


ip access-list extended Allowed-Blocked

permit ip host 10.1.1.0.0 0.0.0.255 224.0.0.0 15.255.255.255

permit ip any 224.0.0.0 0.0.1.255

deny ip any 224.0.0.0 15.255.255.255 log

permit ip any any


interface ethernet0

ip access-group Allowed-Blocked in


Regrads,


Pravin

Actions

This Discussion