cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
555
Views
0
Helpful
4
Replies

2651 ACL Help

Please forgive me for my lack of knowledge. I am new to cisco IOS commands. I am attempting to study for CCNA while I have a need to manage 2600 series routers. Very confusing when trying to learn commands.

I have 2 questions if you don't mind:

1. I am attempting to block specific IP addresses on eth0 in the wake of the lastest w32.sobig virus to keep my e-mail server from crashing and to keep the clutter out of my users mailboxes. What are the commands to simply create a new access-list and apply it to a specific eth port? Or, if easier, how could I add these ip addresses to existing ACL?

2. Where might I find a complete list of commands for the 2651 that I can reference when in need, such as today?

Thank you in advance for any assistance.

Cheers,

Dana

4 Replies 4

rjackson
Level 5
Level 5

An interface can only have two access-lists; one for input and one for output. If there is already an access list on the interface for the direction you want then you must add your new statements to it but its not a simple subject.

The commands you are after are

access-list

ip access-group

The command guide you are after is at this link.

http://www.cisco.com/univercd/home/home.htm

Pull down the cisco ios arrow and select the ios version in your router. See it in the first output line of sho ver at the console.

The docs are separated into subjects which are also divided into two catagories; guides that describe a subject and some commands, and command references that show all of the commands for a subject.

Its hard to find some things, try the master index for those commands.

You might need cco access to see these.

Heres a decent doc on access-lists

http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

And heres the access-list support page

http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking:ACCESS-LIST_ARP_BOOT_DHCP

jmia
Level 7
Level 7

Here's a good URL to get you going:

http://www.cisco.com/warp/public/707/confaccesslists.html

And for the command refrence try searching on http://www.cisco.com

Hope this helps.

thisisshanky
Level 11
Level 11

Hey,

this is a link which explains about mitigating the Blaster worm , some access-lists to protect your network from it are given there. You could use a similar access-list.

http://www.cisco.com/warp/public/707/cisco-sn-20030814-blaster.shtml

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Thanks for the quick and informative responses from everyone!!!

It is very much appreciated!

Cheers,

Dana

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: