ACL HTTPS INbound

Leev1tan
Level 1

I have a router that is connected to CoreSwitch that gives access to the internet. The trickiness is that I need to block the HTTPS port, but for INbound (only) traffic on the interface of the router that has access to the internet. So not only the network behind the router couldn't have access to HTTPS of some host, but also the ROUTER itself. I couldn't find ways to configure that using an ACL rule only; even AIs can't find a solution (o1-preview was thinking for 2 minutes and still nothing). The instructor says that it's possible, but I'm not sure, so I wanted to ask here before I contact him, if anybody could have a solution.

Accepted Solutions

Use an ACL with the keyword "established".

This keyword allows only traffic initiated from the router to the internet and does not allow traffic initiated from the internet to the router.

MHM
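
How the "established" keyword in the answer above sorts inbound packets, as an added example that is not part of the original posts. The three ACL entries, the Python names and the sample packets are assumptions constructed for illustration; the model covers only protocol, destination port and TCP flags.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str                      # "tcp", "udp", ...
    dport: int = 0
    flags: frozenset = frozenset()  # TCP flags set on the segment

@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    proto: str                      # "tcp", or "ip" for any protocol
    dport: Optional[int] = None     # None = any destination port
    established: bool = False       # IOS keyword: ACK or RST bit must be set

    def matches(self, p: Packet) -> bool:
        if self.proto != "ip" and self.proto != p.proto:
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        if self.established and not (p.flags & {"ACK", "RST"}):
            return False
        return True

# Assumed ACL (not from the thread), applied "in" on the internet-facing interface:
#   permit tcp any any established
#   deny   tcp any any eq 443
#   permit ip any any
ACL = [
    Rule("permit", "tcp", established=True),
    Rule("deny", "tcp", dport=443),
    Rule("permit", "ip"),
]

def evaluate(acl, pkt):
    """Return the action of the first matching entry; implicit deny at the end."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"

# Constructed packets as seen arriving from the internet.
SAMPLES = {
    "new HTTPS connection from internet": Packet("tcp", 443, frozenset({"SYN"})),
    "server reply to session opened by router": Packet("tcp", 51000, frozenset({"SYN", "ACK"})),
    "new SSH connection from internet": Packet("tcp", 22, frozenset({"SYN"})),
    "DNS reply over UDP": Packet("udp", 51001),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{evaluate(ACL, pkt):6}  {name}")
```

The keyword tests TCP flags only and keeps no session state, so it identifies segments that look like replies rather than confirming that a session exists.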


2 Replies

@Leev1tan 

Add an ACL on the router interface facing the internet

access-list 100 deny tcp any host "router IP" eq 443

access-list 100 deny tcp any "network behind router" eq 443

access-list 100 permit ip any any

interface gix

ip access-group 100 in

If this is a PacketTracer project, attach the file here. Zip it first.
