08-13-2008 10:37 AM - edited 03-04-2019 03:12 AM
Is there a way to block telnet/ssh/icmp/pop3 on all host for a specific VLAN.
Example : We have 10 VLANS configured on the backbone switch and on one VLAN we would like to block traffic in/out telnet/ssh/icmp/pop3
08-13-2008 11:14 AM
Apply an acl on interface Vlan10..
Config example:
!
interface Vlan10
ip access-group 101 in
ip access-group 101 out
!
access-list 101 deny tcp any any eq telnet
access-list 101 deny tcp any any eq 22
access-list 101 deny tcp any any eq pop3
access-list 101 deny icmp any any
!
Regards,
Raul
(Please rate helpful posts)
08-13-2008 12:17 PM
hello Raul,
i would add
access-list 101 permit any any
at the end or everything will be blocked !
Regards
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide