Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1430
Views
0
Helpful
1
Replies

Blocking sites in cisco 2800

Srinivas N
Level 1
Level 1

‎11-24-2012 10:11 AM - edited ‎03-07-2019 10:13 AM

Hi Friends,

I have a cisco 2800 router..

(flash:/c2800nm-advsecurityk9-mz.151-4.M4.bin, Version 12.4(13r)T11)

configured DHCP, DNS, NATING and Bandwidth restruction...

And to stop some social network (facebook.com) i configured ip route 66.220.144.0 255.255.240.0 Null0 (rang of facebook address)

But still i am able to open facebook.com in my network...

Plz advise me is there any wrong in my config........?

ADMIN-II_2811#sh run

Building configuration...

Current configuration : 1812 bytes

!

! Last configuration change at 17:26:33 UTC Sat Nov 24 2012

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ADMIN-II_2811

!

boot-start-marker

boot system flash:/c2800nm-advsecurityk9-mz.151-4.M4.bin

boot-end-marker

!

!

enable secret 4 XXXXXXX

!

no aaa new-model

!

!

dot11 syslog

ip source-route

!

!

ip cef

ip dhcp excluded-address 192.168.1.0 192.168.1.10

!

ip dhcp pool ADMIN-II

network 192.168.1.0 255.255.255.128

default-router 192.168.1.1

dns-server x.x.x.x x.x.x.x

!

!

!

no ip domain lookup

!

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

!

!

!

license udi pid CISCO2811 sn FHK145

!

redundancy

!

!

!

!

!

!

!

!

!

interface Loopback0

no ip address

!

interface FastEthernet0/0

description # WAN Network #

ip address X.X.X.X 255.255.255.X (my public IP)

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface FastEthernet0/1

description # Lan Network #

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

rate-limit input 1024000 192000 384000 conform-action transmit exceed-action dr

op

rate-limit output 1024000 192000 384000 conform-action transmit exceed-action d

rop

duplex auto

speed auto

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 10 interface FastEthernet0/0 overload

ip nat inside source static tcp 192.168.1.9 3389 115.119.187.45 3389 extendable

ip route 0.0.0.0 0.0.0.0 115.119.187.X (my gateway)

ip route 66.220.144.0 255.255.240.0 Null0 (facebook rang IPs)

!

access-list 10 permit any

!

!

!

!

!

control-plane

!

!

!

line con 0

line aux 0

line vty 0 4

password 7 0

login

transport input all

!

scheduler allocate 20000 1000

end

ADMIN-II_2811#

Thanks & Regards,
Srinivas. N.       

Thanks & Regards, Srinivas. N.
Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card