Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
0
Helpful
3
Replies

Access List

londint
Level 1
Level 1

‎11-20-2006 05:19 AM - edited ‎03-05-2019 12:55 PM

I need to apply access list to an interface Vlan10 saying the

We dont want this netork a.a.a.a coming on to our network.

SO I have access-list 8 deny a.a.a.a

access-list 8 permit any

and on the Vlan Interface 10

Interface Vlan 10

ip access-group 8 out

Is this correct?

Please help.

I also do not wanto to be able to ping a network b.b.b.b

On the VLAn 11

Do I have access-list 12 deny b.b.b.b

access-list 12 permit any

Interface Vlan 11

ip access-group 12 in

Is this correct?

How can I write it ok.

Labels:
0 Helpful
3 Replies 3

rais
Level 7
Level 7

‎11-20-2006 06:54 AM

If you are doing L3, you can simply add a route for this network to a null0 device.

ip route a.a.a.a 255.255.0.0 null0

For ACL, use inward ACLs on your interfaces closest to the entry point for that network.

Thanks.

0 Helpful

londint
Level 1
Level 1
In response to rais

‎11-20-2006 08:20 AM

Thanks. What does null0 do?.

My main issue is the OUT/IN position. Yes Vlan10 and Vlan11 are the nesrest vlan to these networks.

0 Helpful

royalblues
Level 10
Level 10
In response to londint

‎11-20-2006 08:25 AM

Hi friend,

Null0 is a imaginary interface which does not exist. Routes forwarded to Null0 are thus dropped.

This is often referred to as "Black Hole Routing"

HTH, rate if it does

Narayan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card