Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Problems with access-list

I am a very new user of Cisco routers but I have a small plain addressed ( network on wich I want to permit the primary 10 users to acces internet, another 80 Internet deny, and the rest also Internet acces. How can I construct an access-list to get that results


Re: Problems with access-list

Hi cqoax_telcom,

This would depend on the ip address's that are in play, if you have a range of ip address's you wish to permit or deny then you could do this in 2 acl statements. 2 acls for the range to allow and as you may or maynot know at the end of a acl if nothing matches it will deny unmatched entries.

I.E. #access-list 10 deny

This example is list number 10, which deny's

then you would assign it to the interface

# int e1

#ip access-group 10 out|in - depending on incomming or outgoing that you want to deny traffic. You would use this same pattern to create permit trafficjust replace deny with permit.

Otherwise you would have to do each entry or try to find as many ip's in a range.

To deny by individual host:

#access-list 10 deny host

then you would assign it to the interface

# int e1

#ip access-group 10 out|in

You can also use extended acl's to block by tcp port if you like.


Please rate.




Re: Problems with access-list

What type of device is it that you are using ?

Different devices have different ways of writing access-lists.


New Member

Re: Problems with access-list

Hi cgoax,

May I know your network connection first?


CreatePlease to create content