04-23-2024 01:01 AM
I want to create an ACL on Cisco to prevent one network from communicating with others except for the internet. Can you help?
04-23-2024 01:06 AM
Use an extended ACL and allow only what you need.
04-23-2024 01:07 AM
I think you can I depend
You can try using
deny <LAN> <LAN>
permit <LAN> <Any>
Apply the ACL in the IN direction.
MHM
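The deny-then-permit ordering suggested above can be checked before it is applied to a device. The following is an added example, not part of any post in this thread: a small first-match evaluator for IOS-style `ip` ACL entries with wildcard masks. The LAN 10.10.20.0/24, the ACL name LAN-INTERNET-ONLY, and the choice of the RFC 1918 ranges as the "other networks" are assumptions.

```python
import ipaddress

# Constructed values: restricted LAN assumed to be 10.10.20.0/24, internal
# networks assumed to be RFC 1918 space, ACL name is hypothetical.
# Intended to be applied inbound on the LAN-facing interface.
ACL_TEXT = """
ip access-list extended LAN-INTERNET-ONLY
 deny ip 10.10.20.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny ip 10.10.20.0 0.0.0.255 172.16.0.0 0.15.255.255
 deny ip 10.10.20.0 0.0.0.255 192.168.0.0 0.0.255.255
 permit ip 10.10.20.0 0.0.0.255 any
"""

def _matcher(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' from tokens; return a predicate."""
    first = tokens.pop(0)
    if first == "any":
        return lambda ip: True
    if first == "host":
        addr, wild = tokens.pop(0), "0.0.0.0"
    else:
        addr, wild = first, tokens.pop(0)
    # Wildcard 1-bits mean "don't care", so invert to get the bits to compare.
    care = ~int(ipaddress.IPv4Address(wild)) & 0xFFFFFFFF
    base = int(ipaddress.IPv4Address(addr)) & care
    return lambda ip: (int(ipaddress.IPv4Address(ip)) & care) == base

def parse_acl(text):
    """Parse 'permit|deny ip SRC DST' entries, keeping their order."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0] not in ("permit", "deny"):
            continue  # skip the 'ip access-list' header and blank lines
        action, proto = tokens.pop(0), tokens.pop(0)
        if proto != "ip":
            raise ValueError("only 'ip' entries are handled here: " + line)
        rules.append((action, _matcher(tokens), _matcher(tokens)))
    return rules

def evaluate(rules, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, src_ok, dst_ok in rules:
        if src_ok(src) and dst_ok(dst):
            return action
    return "deny"

RULES = parse_acl(ACL_TEXT)
```

Any internal service the restricted LAN still needs in RFC 1918 space, such as a DNS server, requires its own permit entry above the deny lines.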
04-23-2024 04:32 AM
Hello cyberpea,
You can achieve this by configuring an Extended ACL...
Here is the sample configuration....
Note:- RFC 1918 means Private IP Address
Router(config)# ip access-list extended INTFILT
Router(config-ext-nacl)# permit tcp any any established
Router(config-ext-nacl)# permit tcp any 130.13.150.223 0.0.0.0 eq 80
Router(config-ext-nacl)# permit tcp any 130.13.150.223 0.0.0.0 eq 443
Router(config-ext-nacl)# deny ip 10.0.0.0 0.255.255.255 any
Router(config-ext-nacl)# deny ip 172.16.0.0 0.15.255.255 any
Router(config-ext-nacl)# deny ip 192.168.0.0 0.0.255.255 any
Router(config-ext-nacl)# exit
Router(config)# Interface serial 0/1
Router(config-if)# ip access-group INTFILT in
Best regards
******* If This Helps, Please Rate *******
04-23-2024 05:30 AM
Where is the inter-VLAN happening? On a switch, a router, or a firewall? Are you trying to deny a subnet from talking to other subnets in your network while allowing internet? Or are you trying to deny traffic between endpoints in the same subnet while allowing internet?