Re: Help with Serial0 access-list

Eric.D.Jarman · ‎01-31-2003

Hi, all it;s been a little while since i've had to write an access list, and would appreciate a little input. The goal is to filter address of non-cooperative resellers, and their spammers from leaving our network. I've created this list but; would like some input on it's efficiency. TX in advance

border1

!

interface serial0 "address of interface" "mask"

ip access-group 100 out

!

access-list 100 deny 66.197.208.166

access-list 100 permit any

access-list 100 deny 66.197.208.173

access-list 100 permit any

access-list 100 deny 66.197.208.15

access-list 100 permit any

access-list 100 deny 66.197.208.32

access-list 100 permit any

access-list 100 deny 64.191.11.60

access-list 100 permit any

access-list 100 deny 64.191.11.64

access-list 100 permit any

access-list 100 deny 66.96.223.160

access-list 100 permit any

access-list 100 deny 64.191.51.85

access-list 100 permit any

access-list 100 deny 66.197.225.3

access-list 100 permit any

access-list 100 deny 66.197.208.163

access-list 100 permit any

tepatel · ‎02-02-2003

Protocol defination is missing in the access-list 100..So the syntex of the access-list 100 is worng.

Anyway You can "deny" what you want to deny first and permit everything else using "access-list 100 permit ip any any"

Here is the url which will help you to create that. It has sample configs too.

http://www.cisco.com/warp/public/707/confaccesslists.html