Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
35636
Views
0
Helpful
3
Replies

Access list - Block one ip or port - I just it to stop !

Go to solution
Andrewchandler1973
Level 1
Level 1

‎01-10-2012 10:24 AM - edited ‎03-07-2019 04:15 AM

I have a layer 3 switch, 3550.

I have several vlans on there just for playing around with. One of the vlans, has a vonage linksys box attached to it with a UK number attached. From time to time telemarketers call at 03:00 in the morning, this as I'm sure you can imagine is not much fun. The linksys box gets 192.168.3.3 as it's ip.

The switch is connected to a non cisco router at 192.168.0.1

interface FastEthernet0/24

no switchport

ip address 192.168.0.2 255.255.255.0

I was thinking a time based access list would work best

I have tried several variations but the phone still rings.

I have tried

access-list 1 deny host 192.168.3.3

permit .....

and more extensive lists but the phone still rings. I have not applied the time-range yet, so that's not the problem.

I have applied the list to the vlan interface and to fa0/24 but it's not working.

Where should I apply it? What am I missing?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame

‎01-10-2012 10:40 AM

Try

access-list 101 deny ip any host 192.168.3.3

access-list 101 permit ip any any

interface FastEthernet0/24

no switchport

ip address 192.168.0.2 255.255.255.0

ip access-group 101 in

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame

‎01-10-2012 10:40 AM

Try

access-list 101 deny ip any host 192.168.3.3

access-list 101 permit ip any any

interface FastEthernet0/24

no switchport

ip address 192.168.0.2 255.255.255.0

ip access-group 101 in

0 Helpful

Go to solution
Andrewchandler1973
Level 1
Level 1

‎01-10-2012 02:21 PM

Thanks I tried exactly that last night and it left the phone still on. For some reason it needs a minute or two to take, not sure why but that solved it. Thanks

0 Helpful

Go to solution
Andrewchandler1973
Level 1
Level 1
In response to Andrewchandler1973

‎07-03-2012 04:45 PM

I've started having some issues with this phone. How do I apply the best qos solution to this port? I've looked at auto qos voip but that's not going to do it, I didn't think it would... I know QOS is the way to go with this but I cant find a simple example/how to to help me figure this one out.

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card