ACL to Filter Outbound Internet Traffic

keyyo0200 · ‎11-03-2008

I have a remote site that I need to block some outbound Internet traffic. The site is setup as a PPPOE for Internet access via a DSL modem and they have a T1 connection to the corporate office. I have an ACL setup to take care of Inbound Internet traffic on the dialer Interface. I am looking for some for help to block outbound internet traffic from there internal network without disrupting traffic to the corporate office.

husycisco · ‎11-03-2008

Hello Bryan,

Depending on the traffic flow (If you have a sort of traffic that must be permitted to corporate and be blocked to inside to any), you can first permit the corporate destined traffic then deny any. This acl can be applied to inside interface in inbound direction. If you like, post here the traffic that you want to be denied and the traffic that you dont want to be affected and I can type you a sample ACL

Regards

keyyo0200 · ‎11-04-2008

I need to rephrase the question. I need to block certain Internet websites on the remote site so do I add an outbound ACL on the dialer interface or on the Ethernet interface of the internal network. I already have an inbound ACL on the dialer interface.

1.If the outbound ACL is added on the LAN interface the below traffic allowed out

Pop3

SMTP

IMAP4

DNS

BGP

Telnet

Intranet

Internet

2.Below Internet traffic blocked

209.16.161.6

209.16.161.133

209.16.161.68

69.63.178.14