cannot block infected host

lcaruso
Level 6

Need some help.

I cannot block an internal host with an SMTP virus with an ACL denying all IP from that host to any.

I assume this is because the connections are already established. I've tried clear local-host on that internal address but it didn't help.

How do I stop a host with established connections?

Accepted Solutions

Jouni Forss
VIP Alumni

Hi,

The ACL should be enough to block any new connections from the host towards any other interface on the ASA.

If you want to clear up a specific host's connections then you could use

clear conn address

Or you can clear the translations for that host

clear xlate local

But to be honest I think the "clear local-host" command should already accomplish the same as above.

Have you confirmed that the block rule that you created is getting hits?

- Jouni


2 Replies

I tried clear-local host ip address all but the volume of traffic was so high it didn't stop everything until I used clear conn.

Thanks.
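
The containment sequence discussed in this thread, written out as an added example that is not part of any post: block new connections, tear down the existing ones, then confirm the deny rule is taking hits. The host address 10.0.0.50, the ACL name INSIDE_IN and the interface name inside are constructed placeholders, and the ACL is assumed to already exist and be applied inbound on that interface.

```text
! Constructed values: host 10.0.0.50, ACL INSIDE_IN, interface "inside".

! 1. Confirm which ACL is bound inbound on the infected host's interface.
show running-config access-group

! 2. ACL entries match top-down, so insert the deny ahead of any permit
!    that would otherwise match this host. "log" records each denied flow.
configure terminal
access-list INSIDE_IN line 1 extended deny ip host 10.0.0.50 any log
end

! 3. The ACL is only checked for new connections. Flows already in the
!    connection table keep passing until they are cleared.
clear conn address 10.0.0.50
clear xlate local 10.0.0.50

! 4. Verify: the hitcnt on the deny line should keep rising while the
!    host retries, and the connection table should stay empty for it.
show access-list INSIDE_IN | include 10.0.0.50
show conn address 10.0.0.50
```

If the hit counter stays at zero while the host is still sending, the traffic is matching an earlier entry or arriving on a different interface than the one the ACL is applied to.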
