11-02-2017 11:31 AM - edited 03-08-2019 12:36 PM
Hello,
I want to block ports from certain networks. For example, network 10.10.10.0 cannot connect to port 80 but can connect to port 25. I've been trying to do this by just blocking port 80, but it still goes through. I have a local web server set up on a Linux machine in the same network and have been testing this by trying to block access to it. Below is how I've attempted to do this, but it still goes through.
en
conf t
access-list 101 deny tcp any any eq 80
access-list 101 deny udp any any eq 80
access-list 101 permit ip any any
end
conf t
interface gigabitethernet0/0
ip access-group 101 in
exit
interface gigabitethernet0/0
ip access-group 101 in
end
11-02-2017 01:17 PM
11-02-2017 04:24 PM
Hi
The extended ACL should be installed as close as possible to the source; you could configure it as out instead of in. I assume it is a router.
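An added example, not part of the original posts: the ACL from the question narrowed to the source network it names, followed by the show commands that tell you whether the ACL is bound and matching. The /24 wildcard mask and the assumption that GigabitEthernet0/0 is the interface facing 10.10.10.0 are assumptions, not details from the thread.

```cisco
! Added example. Assumptions: 10.10.10.0 is a /24, and GigabitEthernet0/0
! is the routed interface that traffic from that network enters.
!
! As posted, the deny lines match every source, not only 10.10.10.0:
!   access-list 101 deny tcp any any eq 80
!
! Scoped to the source network (wildcard mask 0.0.0.255 = /24):
configure terminal
 no access-list 101
 access-list 101 deny   tcp 10.10.10.0 0.0.0.255 any eq 80
 ! Explicit for readability; the final permit would also allow it.
 access-list 101 permit tcp 10.10.10.0 0.0.0.255 any eq 25
 access-list 101 permit ip any any
 interface GigabitEthernet0/0
  ip access-group 101 in
 end
!
! Confirm the ACL is bound to the interface and in which direction:
show ip interface GigabitEthernet0/0 | include access list
!
! Per-line match counters; retry the HTTP request and run this again:
show access-lists 101
!
! If the counter on the deny line does not increase while the page still
! loads, the packets are not crossing this interface. Hosts in the same
! subnet as the web server reach it directly at layer 2, so a router
! interface ACL is never evaluated for that traffic.
```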