Unanswered Question
Aug 24th, 2008
User Badges:


Our INTERNET router is getting hits from a public IP on a router and would like to block that IP.

Interface E0 ( Public )

Interface FE0/1 ( LAN )

IP nat pool Internet x.x.x.x x.x.x.x netmask

access-list 10 permit ( This is Cache-Server )

How do I block this IP...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dhananjoy chowdhury Sun, 08/24/2008 - 02:09
User Badges:
  • Silver, 250 points or more

If you want to block the IP A.B.C.D to reach your NW, then apply this ACL

access-list 101 deny ip host A.B.C.D any

access-list 101 permit ip any any

int E0

ip access-group 101 in


But again in this example I have mentioned "permit ip any any" after denying the IP A.B.C.D., which is not safe.

So I would suggest to allow only interseting traffic in place of permitting ANY.

Amin Shaikh Sun, 08/24/2008 - 02:37
User Badges:

If I want to allow only ISP Proxy address with port 8080.

Our Cache box only need to connect to ISP Proxy.


This Discussion