Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
574
Views
5
Helpful
2
Replies

Deny traffic to transit network

Go to solution
SJ K
Level 5
Level 5

‎10-20-2021 10:54 AM

Hi all

 

Capture.JPG

 

I need to prevent workstation on the right to access the 10.10.10.x network but its traffic will still need to flow through gateway

30.30.30.1 -> 10.10.10.1 -> internet

 

If i create an ACL on R1 to prevent the workstation from accessing the 10.10.10.x network - will R1 still route the workstation traffic to 10.10.10.1 ?

 

Thank you

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎10-20-2021 12:41 PM

 

Yes it will because the destination IP of the traffic from the PC won't be 10.10.10.1, it will be internet IPs and you are not blocking those. 

 

Jon

View solution in original post

2 Replies 2

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎10-20-2021 12:41 PM

 

Yes it will because the destination IP of the traffic from the PC won't be 10.10.10.1, it will be internet IPs and you are not blocking those. 

 

Jon

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-20-2021 12:55 PM

what is the use case here to block transit ?

 

is this a big network ? so you can deny  anything  on 10.10.10.X  network and you need to allow to transit IP to work ?

 

or you need to build a GRE Tunnel R1 and R2, make over-engineering. (depends on the use case.)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card