PC

amansoi_5
Level 1

Sir,

I have found that a particular PC in my LAN is creating a problem: either the NIC is faulty or the PC is infected with a virus. Now, instead of telling somebody at the remote end to remove the PC from the network, I want that PC to be disabled from the router.

I can create an ACL in the router which can stop this host from accessing outside. But I want this PC to remain physically connected to the LAN without disturbing the other PCs.

Can somebody guide?

regds,

aman

pkhatri
Level 11

Hi Aman,

Is this PC connected to a switch? If so, you could just shut down the switch port that it is connected to.

Hope that helps - pls rate the post if it does.

Paresh

Sir,

I think you are right, but we do not have manageable switches.

regds,

aman

In that case, the best option is to create an ACL on the router LAN interface so that it drops all traffic from that PC. You could do something like the following:

access-list 1 deny host
access-list 1 permit any
!
interface Ethernet 0
 ip access-group 1 in

Hope that helps - pls rate the post if it does.

Paresh

Sir,

I have already tried this, but that does not seem to work and I have to physically remove the network.

I have observed the same by configuring ip route-cache flow on the Ethernet port of the router.

When I run show ip cache flow, the output still shows the infected PC.

regds,

aman

That is strange... When you apply the ACL and do a 'sh ip access-lists' command, does it show any matches against the access-list?

Paresh

Sir,

I have tried denying one of the PCs and it is showing matches in the access list for that particular host.

regds,

Aman

So if it's showing matches for that host, it means that the traffic from that host is getting dropped, right?

Paresh

Yes Sir...

Thanks. Aman

I'm a bit confused... If the traffic is getting dropped, then why do you say that you still see it?

Sir,

It is a mistake on my side; it was showing in sh ip cache flow.

The reason for this, which I have found, is that I was running a ping to that particular host from the other end.

regds,

Aman

So you can ping the host even if you have an ACL that is supposed to deny all traffic?

Is there any chance you can post the interface config and the ACL you have configured?

Paresh

No Sir, I cannot ping the host when it is denied on the router.

I will send you the config on Monday.

regds

aman

Sir,

Please find the attached config.

regds,

aman

Hi Aman,

So when you apply the ACL, you are no longer able to get to that host. Isn't that what you are after? The output of 'sh ip cache flow' is most likely showing you stats on traffic that was sent before you enabled the access-list.

Paresh.
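
Added example, not part of the original thread: the thread's check (matches in 'sh ip access-lists' rather than stale entries in 'sh ip cache flow') can be made unambiguous by comparing two snapshots of the ACL counters. The snapshots and the address 192.0.2.25 below are constructed sample data, and the function names are hypothetical.

```python
import re

# One ACE line from 'show ip access-lists', with or without a sequence
# number and with or without a "(N matches)" counter.
ACE_RE = re.compile(
    r"^\s+(?:(?P<seq>\d+)\s+)?(?P<action>permit|deny)\s+(?P<rule>.*?)"
    r"(?:\s+\((?P<hits>\d+) match(?:es)?\))?\s*$"
)
HEADER_RE = re.compile(r"^(?:Standard|Extended) IP access list (?P<name>\S+)")


def parse_acl_counters(output):
    """Return {(acl, 'action rule'): hits} for every ACE in the output."""
    counters, acl = {}, None
    for line in output.splitlines():
        header = HEADER_RE.match(line)
        if header:
            acl = header.group("name")
            continue
        ace = ACE_RE.match(line)
        if ace and acl is not None:
            key = (acl, f"{ace.group('action')} {ace.group('rule').strip()}")
            # IOS prints no counter for an entry that has never matched.
            counters[key] = int(ace.group("hits") or 0)
    return counters


def counter_deltas(before, after):
    """Hits gained by each ACE between two snapshots of the same router."""
    old, new = parse_acl_counters(before), parse_acl_counters(after)
    return {key: hits - old.get(key, 0) for key, hits in new.items()}


# Constructed sample output; 192.0.2.25 stands in for the problem PC.
SNAPSHOT_1 = """\
Standard IP access list 1
    10 deny   192.0.2.25
    20 permit any (1203 matches)
"""
SNAPSHOT_2 = """\
Standard IP access list 1
    10 deny   192.0.2.25 (42 matches)
    20 permit any (1310 matches)
"""

if __name__ == "__main__":
    for (acl, rule), delta in counter_deltas(SNAPSHOT_1, SNAPSHOT_2).items():
        print(f"access-list {acl}: {rule:<20} +{delta} matches")
```

A growing delta on the deny entry means the router is dropping that host's packets now, whatever older flows remain in the flow cache.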
