10-20-2021 10:54 AM
Hi all
I need to prevent workstation on the right to access the 10.10.10.x network but its traffic will still need to flow through gateway
30.30.30.1 -> 10.10.10.1 -> internet
If i create an ACL on R1 to prevent the workstation from accessing the 10.10.10.x network - will R1 still route the workstation traffic to 10.10.10.1 ?
Thank you
Solved! Go to Solution.
10-20-2021 12:41 PM
Yes it will because the destination IP of the traffic from the PC won't be 10.10.10.1, it will be internet IPs and you are not blocking those.
Jon
10-20-2021 12:41 PM
Yes it will because the destination IP of the traffic from the PC won't be 10.10.10.1, it will be internet IPs and you are not blocking those.
Jon
10-20-2021 12:55 PM
what is the use case here to block transit ?
is this a big network ? so you can deny anything on 10.10.10.X network and you need to allow to transit IP to work ?
or you need to build a GRE Tunnel R1 and R2, make over-engineering. (depends on the use case.)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide