11-14-2008 11:55 AM - edited 03-04-2019 12:20 AM
I have a request from an IT manager and I'm trying to determine if I can accomplish this with an ACL. Essentially, he has a static block of IPs (10-20) on a shop floor where he does NOT want them to have Internet access, but still requires WAN access for internal Outlook and Intranet access. I've been playing around with 1-2 variations but I don't seem to be having success. Any suggestions?
Regards,
Dan
11-14-2008 12:04 PM
You can permit the static block for WAN/Intranet IPs and deny any.
Thanks.
11-14-2008 12:05 PM
Hello Dan,
The ACL should use logic like this:
permit block-ip server1
permit block-ip server2
permit block-ip intranet-block
! deny access to internet
deny block-ip any
! to allow internet access to other addresses
permit any any
This extended ACL should be applied inbound on the router that is the default gateway.
The range of IP addresses may need to be represented by multiple ACL lines.
We sometimes use this method to avoid internet access to specific hosts.
Hope to help
Giuseppe
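Added example, not part of the original thread: a Python helper that turns a static address range into the wildcard-mask source terms an IOS extended ACL needs, then emits the permit-internal / deny-any / permit-any-any ordering described above. The shop-floor range, the internal network and the ACL name SHOPFLOOR-IN are constructed values for illustration.

```python
import ipaddress

def acl_source_terms(first, last):
    """Return IOS source terms that cover first..last exactly, no extra hosts."""
    nets = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    terms = []
    for net in nets:
        if net.prefixlen == 32:
            terms.append(f"host {net.network_address}")
        else:
            # hostmask is the inverse (wildcard) mask used by IOS ACLs
            terms.append(f"{net.network_address} {net.hostmask}")
    return terms

def build_acl(name, first, last, internal_nets):
    """Build the ACL: permit block -> internal, deny block -> any, permit rest."""
    sources = acl_source_terms(first, last)
    lines = [f"ip access-list extended {name}"]
    for dst in internal_nets:
        d = ipaddress.IPv4Network(dst)
        for src in sources:
            lines.append(f" permit ip {src} {d.network_address} {d.hostmask}")
    for src in sources:
        lines.append(f" deny ip {src} any")      # blocks Internet for the range
    lines.append(" permit ip any any")           # other hosts keep Internet access
    return lines

if __name__ == "__main__":
    # Constructed sample: 20 shop-floor hosts, one internal WAN/intranet supernet
    for line in build_acl("SHOPFLOOR-IN", "192.168.10.10", "192.168.10.29",
                          ["10.0.0.0/8"]):
        print(line)
```

A range that does not start and end on a power-of-two boundary expands to several lines (five source terms for this 20-host sample), and rounding it up to a single wider wildcard would also deny neighbouring addresses outside the block.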