Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
189
Views
0
Helpful
1
Replies

3640 dial up router. Need help with access-list.

gmaas
Level 1
Level 1

‎06-21-2004 06:52 AM - edited ‎03-02-2019 04:31 PM

I have a 3640 dial up router with a dialer pool of 10.92.1.100 10.92.1.200. What is the best way to keep each user that dials in from talking to each other? We are running into problems when a sales man doesn't keep their ant-virus defs up to date and they dial in with a virus it affects the other users that are dialed in. We would like to create an access-list or anything else that would keep the users from each other.

I am open to any sort of help.

Thanks,

Garrett

Labels:
0 Helpful
1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

‎06-21-2004 07:38 AM

I would think a fairly simple access list of two lines would do here. Essentially you want a line that will deny traffic that has the dial pool as source address and has the dial pool as the destination address and you want a line that will permit everything else.

The syntax would look like this:

access-list 150 deny ip

access-list 150 permit ip any any

This access list would be assigned as an outbound filter on the dialer or async interface.

The syntax for your particular situation will get convoluted and complex because the range of addresses in your dial pool is not assigned on a bit boundary. So it would take multiple statements to define the range starting at 100 and extending to 200. If the dial pool were on a bit boundary, starting at 128 and going to 191 for example, the access list might look like:

access-list 150 deny ip 10.92.1.128 0.0.0.63 10.92.1.128 0.0.0.63

access-list 150 permit ip any any

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents