Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

need for Access_list

I want to deny this IP range



Permit only 1 host


Using access-list. with the  Current configuration

interface GigabitEthernet0/0

ip address

ip nat inside

ip virtual-reassembly in max-fragments 64 max-reassemblies 256

interface GigabitEthernet0/1

description ### ADSL WAN Interface ###

no ip address

  pppoe enable group global

pppoe-client dial-pool-number 1

interface ATM0/0/0

no ip address

no atm ilmi-keepalive

interface Dialer1

description ### ADSL WAN Dialer ###

ip address negotiated

ip mtu 1492

ip nat outside

no ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username xxxxxx password 7 xxxxxxxx!

ip forward-protocol nd

ip http server

no ip http secure-server

ip nat inside source list 101 interface Dialer1 overload

ip nat inside source static tcp 22 interface Dialer1 22

ip nat inside source static udp 500 interface Dialer1 500

ip nat inside source static udp 4500 interface Dialer1 4500

ip route Dialer1

ip route


access-list 101 permit ip any

access-list 112 deny   ip host any

dialer-list 1 protocol ip permit


need for Access_list

If you would like to allow only one IP then you can go with the below one

ip access-list extended 102

10 permit ip host any

Or if you would like to permit other networks as well then add them to this list and leave it as the implicit deny will catch other subnets and deny it.

where do you want to apply the ACL??

Thx, Kasi

CreatePlease to create content