03-18-2006 12:50 AM - edited 03-03-2019 12:05 PM
Sir,
I have found that one particular PC in my LAN is creating a problem: either the NIC is faulty or the PC is infected with a virus. Now, instead of telling somebody at the remote end to remove the PC from the network, I want the PC to be disabled from the router.
I can create an ACL in the router which can stop this host from accessing outside. But I want this PC to remain physically connected to the LAN without disturbing the other PCs.
Can somebody guide?
regds,
aman
03-18-2006 12:59 AM
Hi Aman,
Is this PC connected to a switch? If so, you could just shut down the switch port that it is connected to.
Hope that helps - pls rate the post if it does.
Paresh
03-18-2006 01:36 AM
Sir,
I think you are right... But we do not have manageable switches...
regds,
aman
03-18-2006 01:43 AM
In that case, the best option is to create an ACL on the router LAN interface so that it drops all traffic from that PC. You could do something like the following:
! <PC-IP-address> is a placeholder for the address of the problem PC
access-list 1 deny host <PC-IP-address>
access-list 1 permit any
!
interface Ethernet 0
 ip access-group 1 in
Hope that helps - pls rate the post if it does.
Paresh
03-18-2006 02:16 AM
Sir,
I have already tried this... But that does not seem to work and I have to physically remove the network...
I have observed the same by configuring ip route-cache flow on the Ethernet port of the router.
When I run show ip cache flow, the output still shows the infected PC.
regds,
aman
03-18-2006 03:05 AM
That is strange... When you apply the ACL and do a 'sh ip access-lists' command, does it show any matches against the access-list?
Paresh
03-18-2006 03:31 AM
Sir,
I have tried denying one of the PCs and it is showing matches in the access list for that particular host...
regds,
Aman
03-18-2006 04:02 AM
So if it's showing matches for that host, it means that the traffic from that host is getting dropped, right?
Paresh
03-18-2006 04:08 AM
Yes Sir...
Thanks. Aman
03-18-2006 04:16 AM
I'm a bit confused... If the traffic is getting dropped, then why do you say that you still see it?
03-18-2006 04:32 AM
Sir,
It is a mistake on my side; it was showing in sh ip cache flow.
The reason for this, which I have found, is that I was running ping to that particular host from the other end.
regds,
Aman
03-18-2006 04:34 AM
So you can ping the host even if you have an ACL that is supposed to deny all traffic?
Is there any chance you can post the interface config and the ACL you have configured?
Paresh
03-18-2006 04:44 AM
No Sir, I cannot ping the host when it is denied on the router...
I will send you the config on Monday...
regds
aman
03-19-2006 11:14 PM
03-20-2006 07:38 PM
Hi Aman,
So when you apply the ACL, you are no longer able to get to that host. Isn't that what you are after? The output of 'sh ip cache flow' is most likely showing you stats on traffic that was sent before you enabled the access-list...
Paresh.
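The check discussed in this thread (does 'sh ip access-lists' show matches for the denied host?) can be made repeatable by comparing two snapshots of that output: a rising counter on the deny entry means the router is dropping live traffic from the PC, regardless of older entries still listed by 'sh ip cache flow'. This is an added example, not part of the thread; the sample output and the address 192.0.2.25 are constructed, and the function names are hypothetical.

```python
import re

# Constructed samples of 'show ip access-lists' output, taken a few minutes apart.
BEFORE = """Standard IP access list 1
    10 deny   192.0.2.25 (15 matches)
    20 permit any (1024 matches)
"""
AFTER = """Standard IP access list 1
    10 deny   192.0.2.25 (42 matches)
    20 permit any (1310 matches)
"""

HEADER = re.compile(r"^Standard IP access list (?P<name>\S+)")
# One ACL entry, with or without a sequence number and hit counter,
# e.g. "    10 deny   192.0.2.25 (15 matches)" or "    permit any".
ENTRY = re.compile(
    r"^\s*(?:\d+\s+)?(?P<action>permit|deny)\s+"
    r"(?P<source>.+?)(?:\s+\((?P<hits>\d+) match(?:es)?\))?\s*$"
)


def parse_acl(output):
    """Return {acl_name: {(action, source): hit_count}} for standard ACLs."""
    acls, current = {}, None
    for line in output.splitlines():
        header = HEADER.match(line)
        if header:
            current = acls.setdefault(header.group("name"), {})
            continue
        entry = ENTRY.match(line)
        if entry and current is not None:
            key = (entry.group("action"), entry.group("source"))
            current[key] = int(entry.group("hits") or 0)  # no counter shown = 0
    return acls


def deny_delta(before, after, acl, host):
    """Hits added to 'deny <host>' between two snapshots; None if no such entry."""
    key = ("deny", host)
    old = parse_acl(before).get(acl, {})
    new = parse_acl(after).get(acl, {})
    if key not in new:
        return None  # the deny entry is missing from the ACL
    return new[key] - old.get(key, 0)


if __name__ == "__main__":
    delta = deny_delta(BEFORE, AFTER, "1", "192.0.2.25")
    print("deny hits since first snapshot:", delta)
```

A delta of zero over a period in which the PC is known to be transmitting suggests the ACL is not applied inbound on the interface the PC's traffic arrives on.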