Access List configuration

siscisco05 · ‎10-08-2007

I am trying to block a certain host on port 80, but can't seem to get the ACL syntax correct and also can't bound it to an interface. Below is the commands that I have entered.

deny tcp host xx.xxx.xx.xxx any eq 80

permit ip any any

I have also added the access group to an interface.

># int FastEthernet0/0

># ip access-group "acl name" in.

Can someone help me out.

Thanks

Jon Marshall · ‎10-08-2007

Hi

Could you be more specific as to what you want to do.

deny tcp host x.x.x.x any eq 80

says "do not allow the host x.x.x.x to talk to any machines on port 80". Is this what you want.

deny tcp any host x.x.x.x eq 80

says "do not allow any machine to talk to host x.x.x.x on port 80.

the command

ip access-group "acl_name" in

under interface config mode should work. What happens when you do a

sh run int fa0/0

do you see the config applied ?

Jon