New Member

PC

Sir,

I have found that a particular PC in my LAN is creating a problem: either the NIC is faulty or the PC is infected with a virus. Now, instead of telling somebody at the remote end to remove the PC from the network, I want the PC to be disabled from the router.

I can create an ACL on the router which can stop this host from accessing outside. But I want this PC to remain physically connected to the LAN without disturbing the other PCs.

Can somebody guide me?

regds,

aman

16 REPLIES
Purple

Re: PC

Hi Aman,

Is this PC connected to a switch? If so, you could just shut down the switch port that it is connected to.

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: PC

Sir,

I think you are right, but we do not have manageable switches.

regds,

aman

Purple

Re: PC

In that case, the best option is to create an ACL on the router LAN interface so that it drops all traffic from that PC. You could do something like the following:

access-list 1 deny host <PC-IP-address>
access-list 1 permit any
!
interface Ethernet 0
 ip access-group 1 in

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: PC

Sir,

I have already tried this, but that does not seem to work and I have to physically remove the network.

I have observed the same by configuring ip route-cache flow on the Ethernet port of the router.

When I run show ip cache flow, the output still shows the infected PC.

regds,

aman

Purple

Re: PC

That is strange... When you apply the ACL and do a 'sh ip access-lists' command, does it show any matches against the access-list?

Paresh

New Member

Re: PC

Sir,

I have tried denying one of the PCs and it is showing matches in the access list for that particular host.

regds,

Aman

Purple

Re: PC

So if it's showing matches for that host, it means that the traffic from that host is getting dropped, right?

Paresh

New Member

Re: PC

Yes Sir...

Thanks . Aman

Purple

Re: PC

I'm a bit confused... if the traffic is getting dropped, then why do you say that you still see it?

New Member

Re: PC

Sir ,

It is a mistake on my side; it was showing in sh ip cache flow.

The reason for this, which I have found, is that from the other end I was running ping to that particular host.

regds,

Aman

Purple

Re: PC

So you can ping the host even if you have an ACL that is supposed to deny all traffic?

Is there any chance you can post the interface config and the ACL you have configured?

Paresh

New Member

Re: PC

No Sir, I cannot ping the host when it is denied on the router.

I will send you the config on Monday...

regds

aman

New Member

Re: PC

Sir,

Please find the attached config.

regds,

aman

Purple

Re: PC

Hi Aman,

So when you apply the ACL, you are no longer able to get to that host. Isn't that what you are after? The output of 'sh ip cache flow' is most likely showing you stats on traffic that was sent before you enabled the access-list.

Paresh.

New Member

Re: PC

That's right Sir.

After clear ip cache flow is done, the denied host also disappears.

regds,

aman

Purple

Re: PC

So your problem is solved.

The only entries in 'sh ip cache flow' are for old traffic so the ACL is working well.

Pls do remember to rate the posts if you found them helpful.

Paresh
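The check that settled this thread (are the ACL match counters for the blocked host still rising, regardless of what an old flow-cache entry shows) can be scripted. This is an added example, not code from the thread: the two 'show ip access-lists' snapshots are constructed sample output, and 192.0.2.10 is a documentation address standing in for the blocked PC.

```python
import re

# Constructed 'show ip access-lists' output, captured twice some time apart.
SNAPSHOT_1 = """\
Standard IP access list 1
    10 deny   192.0.2.10 (25 matches)
    20 permit any (1480 matches)
"""
SNAPSHOT_2 = """\
Standard IP access list 1
    10 deny   192.0.2.10 (61 matches)
    20 permit any (1733 matches)
"""

# One ACL entry: optional sequence number, action, source, optional hit count.
ENTRY = re.compile(
    r"^\s*(?:(?P<seq>\d+)\s+)?(?P<action>permit|deny)\s+(?P<src>.+?)"
    r"(?:\s+\((?P<hits>\d+) match(?:es)?\))?\s*$"
)

def parse_acl(text):
    """Return {(action, source): match_count} for every entry line."""
    counters = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:  # header lines such as 'Standard IP access list 1' do not match
            counters[(m["action"], m["src"].strip())] = int(m["hits"] or 0)
    return counters

def deny_delta(before, after, host):
    """Packets from host dropped between the snapshots.

    Returns None when the later snapshot has no deny entry for the host,
    i.e. the ACL is not blocking it at all.
    """
    old, new = parse_acl(before), parse_acl(after)
    key = ("deny", host)
    if key not in new:
        return None
    delta = new[key] - old.get(key, 0)
    # A negative delta means the counters were cleared between captures;
    # everything counted since the clear is new drops.
    return delta if delta >= 0 else new[key]

if __name__ == "__main__":
    dropped = deny_delta(SNAPSHOT_1, SNAPSHOT_2, "192.0.2.10")
    print(f"192.0.2.10: {dropped} packets dropped between snapshots")
```

A rising deny counter shows the host is still transmitting and the router is dropping it, which is the live evidence; a flow-cache entry can predate the ACL.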
