03-25-2016 08:49 PM - edited 03-05-2019 03:39 AM
hello ,
our antivirus ask us to block few ips in network.those ip are from Internet.
queries -
our Network structure is first come router-firewall-core.
where i can block infected ip address ?
on router or on firewall .
if in router then please provide us command for same
03-25-2016 10:48 PM
please provide us router configuration exept passwords and ip
sh runn
03-25-2016 11:26 PM
03-26-2016 09:49 PM
conf t
ip access-list extended FromWorld
deny ip any 192.168.0.0 0.0.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 10.0.0.0 0.255.255.255
!------------ add your lines here like ---- deny ip host a.b.c.d any
permit ip any any
!
interface GigabitEthernet0/0
description "LINK TO RAILTEL INTERNET"
ip access-group FromWorld in
exi
exi
wr
03-26-2016 12:20 AM
The firewall would be the typical place to enforce access-control which includes blocking communication with IPs on the internet. There are multiple ways to achieve that, and using ACLs is probably not the best when you are talking about "infected PC". But that depends on the equipment you have.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide