Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
598
Views
0
Helpful
4
Replies

need to block few ip address

Sipl_24034
Level 1
Level 1

‎03-25-2016 08:49 PM - edited ‎03-05-2019 03:39 AM

hello ,

our antivirus ask us to block few ips in network.those ip are from Internet.

 queries -

our Network structure is first come router-firewall-core.

where i can block infected ip address ?

on router or on firewall .

if in router then please provide us command for same

Labels:
0 Helpful
4 Replies 4

Tagir Temirgaliyev
Spotlight
Spotlight

‎03-25-2016 10:48 PM

please provide us router configuration exept passwords and ip

sh runn

0 Helpful

Sipl_24034
Level 1
Level 1
In response to Tagir Temirgaliyev

‎03-25-2016 11:26 PM

Log file attached herewith

Preview file
4 KB
0 Helpful

Tagir Temirgaliyev
Spotlight
Spotlight
In response to Sipl_24034

‎03-26-2016 09:49 PM


conf t
ip access-list extended FromWorld
deny ip any 192.168.0.0 0.0.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 10.0.0.0 0.255.255.255
!------------ add your lines here like ---- deny ip host a.b.c.d any
permit ip any any
!

interface GigabitEthernet0/0
description "LINK TO RAILTEL INTERNET"
ip access-group FromWorld in
exi
exi

wr

0 Helpful

Karsten Iwen
VIP
VIP

‎03-26-2016 12:20 AM

The firewall would be the typical place to enforce access-control which includes blocking communication with IPs on the internet. There are multiple ways to achieve that, and using ACLs is probably not the best when you are talking about "infected PC". But that depends on the equipment you have.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card