Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

ip access-control on a flat network

I have an odd situation. There are 200 clients on a /24 subnet that point to a router for their def-gateway. These clients and the router attach to a flat switched network. I need to provide layer-3 access control between the router and clients but I CAN NOT READDRESS ANYTHING. I can't re-IP the local router interface or change the client's IP or gateway. I'm trying to think of a way to do the ACL. I've thought of a 2-ethernet router stuck behind the router in bridging mode but I can't apply layer-3 ACLs on the bridge interfaces. Any solution with a Pix? I'm thinking along the lines of DNAT or NAT0 but can't make it work in my head...

New Member

Re: ip access-control on a flat network

what about just blocking the hosts you dont want permitted with a normal access list inbound on the routers interface - wont this do what you want?

CreatePlease to create content