cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
132
Views
0
Helpful
1
Replies
gmaas
Beginner

3640 dial up router. Need help with access-list.

I have a 3640 dial up router with a dialer pool of 10.92.1.100 10.92.1.200. What is the best way to keep each user that dials in from talking to each other? We are running into problems when a sales man doesn't keep their ant-virus defs up to date and they dial in with a virus it affects the other users that are dialed in. We would like to create an access-list or anything else that would keep the users from each other.

I am open to any sort of help.

Thanks,

Garrett

1 REPLY 1
Richard Burts
Hall of Fame Guru

I would think a fairly simple access list of two lines would do here. Essentially you want a line that will deny traffic that has the dial pool as source address and has the dial pool as the destination address and you want a line that will permit everything else.

The syntax would look like this:

access-list 150 deny ip

access-list 150 permit ip any any

This access list would be assigned as an outbound filter on the dialer or async interface.

The syntax for your particular situation will get convoluted and complex because the range of addresses in your dial pool is not assigned on a bit boundary. So it would take multiple statements to define the range starting at 100 and extending to 200. If the dial pool were on a bit boundary, starting at 128 and going to 191 for example, the access list might look like:

access-list 150 deny ip 10.92.1.128 0.0.0.63 10.92.1.128 0.0.0.63

access-list 150 permit ip any any

HTH

Rick