Hello,

I have a Cisco 3800 with the below running config.

Router>
Router>
Router>
Router>
Router>ENA
Router>ENAble
Router#SH RUNN
Router#SH RUNNing-config
Building configuration...

Current configuration : 1011 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description WAN
ip address 177.69.177.* 255.255.255.128
ip nat outside
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
description LAN
ip address 192.168.150.1 255.255.255.0
ip nat inside
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1/0
no ip address
shutdown
negotiation auto
!
interface Serial0/2/0
no ip address
shutdown
clock rate 2000000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 177.69.177.*
!
ip http server
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
access-list 1 permit any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
!
end

Router#

As you can see i have an access-list 1 permit any

what i am trying ot do is to keep this access-list 1 permit any but i want to block the access to one destination ip.

I tried the following

access-list 1 permit any

access-list 10 deny 130.211.14.80 0.0.0.1

I tried as well

access-list 1 deny 130.211.14.80 0.0.0.1

access-list 10 permit any

with no success.

what is the correct combination to permit everything BUT one destination which is IP 130.211.14.80??

Thx