
Block a subnet range from data network.

Roger Richards
Level 1

Good day, I have a lab subnet on my network that has an ACL currently blocking access to my data network, but it is allowed to browse the web and receive DHCP requests. Now I want to add the lab PCs to AD, but I still want to keep them off my data network.

 

This is my current ACL:

    10 permit udp any eq bootpc any eq bootps (11705 matches)
    20 permit tcp any any eq domain (3274 matches)
    30 permit udp any any eq domain (679408 matches)
    31 permit tcp any any eq 135 (254 matches)
    40 permit tcp 10.20.50.0 0.0.0.255 eq www any (14 matches) <-- lab subnet
    50 deny ip any 10.20.60.0 0.0.1.255 log (2816 matches)
    60 permit ip any any (69791285 matches)

 

I want to be able to allow PCs on the 10.20.50.0 to join the domain. Can this be done? I hope I am making sense.

 

1 Reply

Hello.

Please find the information on the following link - http://support.microsoft.com/kb/179442#method3

PS: but I think the simplest could be just to permit all for AD DC IP-addresses.
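
The suggestion above only works if the permit for the domain controller is evaluated before entry 50, because the ACL is first-match. The following is an added example, not part of the thread: a simplified first-match model (protocol, wildcard-masked addresses, ports) of the ACL in the question. The DC address 10.20.60.10, its placement inside the 10.20.60.0/23 data network, and sequence number 45 are assumptions.

```python
import ipaddress

def wc_match(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

ANY = ("0.0.0.0", "255.255.255.255")
LAB = ("10.20.50.0", "0.0.0.255")
DATA = ("10.20.60.0", "0.0.1.255")

# (seq, action, proto, src, src_port, dst, dst_port), taken from the ACL in the question
# bootpc=68, bootps=67, domain=53, www=80; None means "any port"
ACL = [
    (10, "permit", "udp", ANY, 68, ANY, 67),
    (20, "permit", "tcp", ANY, None, ANY, 53),
    (30, "permit", "udp", ANY, None, ANY, 53),
    (31, "permit", "tcp", ANY, None, ANY, 135),
    (40, "permit", "tcp", LAB, 80, ANY, None),
    (50, "deny", "ip", ANY, None, DATA, None),
    (60, "permit", "ip", ANY, None, ANY, None),
]

def evaluate(acl, proto, src, sport, dst, dport):
    """Return (seq, action) of the first matching entry; implicit deny if none."""
    for seq, action, p, s, sp, d, dp in sorted(acl):
        if p not in ("ip", proto):
            continue
        if not wc_match(src, *s) or not wc_match(dst, *d):
            continue
        if sp not in (None, sport) or dp not in (None, dport):
            continue
        return seq, action
    return None, "deny"

DC = "10.20.60.10"  # constructed placeholder for a domain controller address
# Hypothetical entry 45: permit everything from the lab subnet to that one host.
FIXED = ACL + [(45, "permit", "ip", LAB, None, (DC, "0.0.0.0"), None)]

if __name__ == "__main__":
    ldap = ("tcp", "10.20.50.25", 49152, DC, 389)
    print("current ACL, lab -> DC LDAP:", evaluate(ACL, *ldap))
    print("with entry 45, lab -> DC LDAP:", evaluate(FIXED, *ldap))
    print("with entry 45, lab -> other data host SMB:",
          evaluate(FIXED, "tcp", "10.20.50.25", 49152, "10.20.61.7", 445))
```

With the host entry sequenced below 50, lab traffic to the one DC address is permitted while every other address in 10.20.60.0/23 still hits the logged deny.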
