Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help with Serial0 access-list

Hi, all it;s been a little while since i've had to write an access list, and would appreciate a little input. The goal is to filter address of non-cooperative resellers, and their spammers from leaving our network. I've created this list but; would like some input on it's efficiency. TX in advance

border1

!

interface serial0 "address of interface" "mask"

ip access-group 100 out

!

access-list 100 deny 66.197.208.166

access-list 100 permit any

access-list 100 deny 66.197.208.173

access-list 100 permit any

access-list 100 deny 66.197.208.15

access-list 100 permit any

access-list 100 deny 66.197.208.32

access-list 100 permit any

access-list 100 deny 64.191.11.60

access-list 100 permit any

access-list 100 deny 64.191.11.64

access-list 100 permit any

access-list 100 deny 66.96.223.160

access-list 100 permit any

access-list 100 deny 64.191.51.85

access-list 100 permit any

access-list 100 deny 66.197.225.3

access-list 100 permit any

access-list 100 deny 66.197.208.163

access-list 100 permit any

1 REPLY
Cisco Employee

Re: Help with Serial0 access-list

Protocol defination is missing in the access-list 100..So the syntex of the access-list 100 is worng.

Anyway You can "deny" what you want to deny first and permit everything else using "access-list 100 permit ip any any"

Here is the url which will help you to create that. It has sample configs too.

http://www.cisco.com/warp/public/707/confaccesslists.html

196
Views
0
Helpful
1
Replies
CreatePlease to create content