You can get specific down to the host level in an ACL, e.g. permit tcp host 10.0.7.5 any eq www. Your ACL will need to allow for outbound DNS queries, but you don't need anything else for web traffic to work -- the last statement's destination is "any", so that covers everything.
Thanks for the reply. So you're saying I'd need a permit statement for the DNS to allow for queries but not for the default route?
Also, I would like to have control over access to internal web servers. For example I would want to allow our Student VLAN access to any website etc, externally but only selective access to webservers on our internal network.
With the last statement destination of any, I realize this allows for web traffic to any host...does that apply to internal web hosts as well as external web hosts?
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...