11-02-2017 11:31 AM - edited 03-08-2019 12:36 PM
Hello,
I want to block ports from certain networks. For example, network 10.10.10.0 cannot connect to port 80 but can connect to port 25. I've been trying to do this by just blocking port 80, but it still goes through. I have a local web server set up on a Linux machine in the same network and have been testing this by trying to block access to it. Below is how I've attempted to do this, but it still goes through.
en
conf t
access-list 101 deny tcp any any eq 80
access-list 101 deny udp any any eq 80
access-list 101 permit ip any any
end
conf t
interface gigabitethernet0/0
ip access-group 101 in
exit
interface gigabitethernet0/0
ip access-group 101 in
end
11-02-2017 01:17 PM
11-02-2017 04:24 PM
Hi
The extended ACL should be installed as close as possible to the source; you could configure it as out instead of in. I assume it is a router.
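An added example, not part of any post in this thread: a small first-match evaluator for the extended ACL syntax used above, run against access-list 101 as posted and against a variant scoped to 10.10.10.0/24. The scoped variant, the function names and the sample addresses are assumptions made for illustration, and only the syntax seen in this thread (any / host / address plus wildcard, and a numeric destination `eq`) is handled.

```python
import ipaddress

# ACL 101 as posted in the thread, plus a constructed variant scoped to 10.10.10.0/24
ACL_POSTED = """\
access-list 101 deny tcp any any eq 80
access-list 101 deny udp any any eq 80
access-list 101 permit ip any any
"""
ACL_SCOPED = """\
access-list 101 deny tcp 10.10.10.0 0.0.0.255 any eq 80
access-list 101 permit ip any any
"""

def _addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF                      # every bit is "don't care"
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse(acl_text):
    rules = []
    for line in acl_text.splitlines():
        tokens = line.split()
        if tokens[:1] != ["access-list"]:
            continue
        tokens = tokens[2:]                       # drop 'access-list <number>'
        action, proto = tokens.pop(0), tokens.pop(0)
        src, dst = _addr(tokens), _addr(tokens)
        port = int(tokens[1]) if tokens[:1] == ["eq"] else None
        rules.append((action, proto, src, dst, port))
    return rules

def _ip_match(ip, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF                 # wildcard bits set to 1 are ignored
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)

def evaluate(rules, proto, src_ip, dst_ip, dst_port):
    """First matching rule wins; an extended ACL ends with an implicit deny."""
    for action, r_proto, src, dst, port in rules:
        if r_proto not in ("ip", proto):
            continue
        if not (_ip_match(src_ip, src) and _ip_match(dst_ip, dst)):
            continue
        if port is not None and port != dst_port:
            continue
        return action
    return "deny"
```

The posted rules deny TCP/80 for every packet they are asked to evaluate, so the list only has an effect on traffic that actually crosses the interface and direction it is applied to.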