Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
1
Replies

Reg:bolking internet but permitting interanet

cisco.anubhav
Level 1
Level 1

‎04-26-2010 12:17 AM - edited ‎03-11-2019 10:37 AM

Hi,


This is a case in which i seek ur help here,i have to deny internet access to a group of ten hosts but allow them access to particular domain e.g.;xx.in ,could any one help how to udo this using Access lists on router gi 0/0 interface.

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-26-2010 04:02 AM

Assuming that particular domain that they need access to resolve to 200.1.1.1, and you only need HTTP access to that domain, you can configure the following:

access-list 101 permit tcp host host eq 80

access-list 101 permit tcp host host  eq 80

...

...

access-list 101 permit tcp host host  eq 80

access-list 101 deny ip host any

access-list 101 deny ip host any

...

...

access-list 101 deny ip host any

access-list 101 permit ip any any

The last line (permit ip any any), I assume that you would like to allow access for other hosts to the internet.

Assuming gig0/0 is the internal router interface where the hosts are connected to:

interface gi0/0

     ip access-group 101 in

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card