Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1294
Views
0
Helpful
3
Replies

how to Block Gtalk with ACL on the switch port level

Muzzamil Hussain
Level 1
Level 1

‎07-09-2011 02:14 AM - edited ‎03-07-2019 01:09 AM

i am trying to create an ACL to block Gtalk on one swithc port only for a single user , below is show version of the switch and switch port configurations

Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(46)SE, RELEASE SOFTWARE (fc2)

Copyright (c) 1986-2008 by Cisco Systems, Inc.

Compiled Thu 21-Aug-08 15:26 by nachen

Image text-base: 0x00003000, data-base: 0x01A00000

ROM: Bootstrap program is C3560 boot loader

BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEE4, RELEASE SOFTWARE (fc1)

SW01 uptime is 6 weeks, 1 day, 18 hours, 39 minutes

System returned to ROM by power-on

System image file is "flash:c3560-advipservicesk9-mz.122-46.SE/c3560-advipservicesk9-mz.122-46.SE.bin"

SW01# sh run int Gi0/18

Building configuration...

Current configuration : 353 bytes

!

interface GigabitEthernet0/18

switchport access vlan 19

switchport mode access

switchport voice vlan 18

switchport port-security maximum 3

switchport port-security

switchport port-security violation protect

switchport port-security aging type inactivity

storm-control broadcast level 1.00

spanning-tree portfast

end

i know i have to create an extended ACL in order to block the same but the thing is i tried the same but it didnt work , any idea.

Regards.

Labels:
0 Helpful
3 Replies 3

Muzzamil Hussain
Level 1
Level 1

‎07-09-2011 03:28 AM

WOW, 80 Views and no one reply interesting

0 Helpful

jimmysands73_2
Level 5
Level 5
In response to Muzzamil Hussain

‎07-09-2011 07:00 AM

Can you resolve talk.google.com into an IP then block that IP using an ACL?

Or maybe you could modify the persons machine host file to something like this :

127.0.0.1 talk.google.com

127.0.0.1 talkx.l.google.com

0 Helpful

Muzzamil Hussain
Level 1
Level 1
In response to jimmysands73_2

‎07-10-2011 03:41 AM

here is the address

C:\>ping talk.google.com

Pinging talk.google.com [74.125.71.125] with 32 bytes of data:

Reply from 74.125.71.125: bytes=32 time=450ms TTL=46

Reply from 74.125.71.125: bytes=32 time=431ms TTL=46

Reply from 74.125.71.125: bytes=32 time=446ms TTL=46

Reply from 74.125.71.125: bytes=32 time=285ms TTL=46

Ping statistics for 74.125.71.125:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 285ms, Maximum = 450ms, Average = 403ms

C:\>ping talkx.l.google.com

Pinging talkx.l.google.com [74.125.65.125] with 32 bytes of data:

Reply from 74.125.65.125: bytes=32 time=243ms TTL=51

Reply from 74.125.65.125: bytes=32 time=230ms TTL=51

Reply from 74.125.65.125: bytes=32 time=243ms TTL=51

Reply from 74.125.65.125: bytes=32 time=235ms TTL=51

Ping statistics for 74.125.65.125:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 230ms, Maximum = 243ms, Average = 237ms

C:\>

i will try to create an ACL for the same and will share the result with you,

for the host file it quite hard to do it since its not allowed to use $ share in my Company for any reason

0 Helpful
Customers Also Viewed These Support Documents