06-28-2022 02:17 AM - edited 06-28-2022 02:18 AM
Is there any method to turn off internet on a particular subnet on Cisco ASA 5515?
06-28-2022 02:24 AM
Hi there,
You can create an inbound ACL on the interface where the subnet is routed, blocking traffic destined to 0.0.0.0/0, but remember to place an allow statement about it to permit communication to your desired internal networks.
If you can share your config and the subnet in question we can provide the exact configuration required.
cheers,
Seb.
06-28-2022 02:26 AM
its all depends on the config you using. if you NAT any any and ACL have all allowed to go internet, that will be need to change.
you make changes only required IP to NAT or ACP/ACL to allow required for Internet.
06-28-2022 02:27 AM
06-28-2022 02:27 AM
Are you looking to block all internet access or just specific websites?
06-28-2022 03:40 AM
I am will to block entire internet access, but need to access machines in lan.
06-28-2022 03:59 AM
you can take help from below Tutorial very easy to understand if you are using ASDM for management.
you can also create an ACL for that
06-28-2022 04:02 AM - edited 06-28-2022 04:05 AM
Then I would do the following and assign it to the interface that you want to restrict access to the internet from.
06-28-2022 06:42 AM
you can do this by PBR where allow all other subnet to route to internet and deny specific one from route out.
you can do this by not config NAT dynamic for this subnet.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide