I have a 2610 router as my gateway. I want to block and ip range from passing through. I have been under a constant flow of MSSQL Command sig's and want to block the entire 22.214.171.124 network. What is the syntax for the access list. I have "access-list 100 deny ip host 126.96.36.199 any ". This range is still passing through. Help?
Three things are wrong. First, your access list will deny the "host" 188.8.131.52, which doesn't exist. Second, the access list blocks everything, since there is an implied "deny any any" at the end of every access list, unless you put "permit any any" at the end. Third, you do not mention applying the access list as an access group on an interface, so the access list has no effect.
Since you only want to block based upon the source IP address, there is no need for an extended access list. Use the following commands:
access-list x deny 184.108.40.206 0.255.255.255
access-list x permit any
where x is between 1 and 99. Then, on an interface, enter the command "ip access-group x (in|out)". In and out refers to the direction data is taking with regard to the interface you are configuring. Be sure to specify an interface and direction that is consistent with a source address in the 220.127.116.11 network.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.