HI All,
Need a suggestion for the below query.
As mentioend below.The 6500 Internet layer is coonected to ISP and other leg going to WENBLAYER(trunked physicaly).
There are 2 SVI on Internet layer 6500 .vlan 10 is shared between both web and internet switches .
Vlan 12 is for main internet pipe .Now the thing is i can see there is one public IP whihc is not belongs to my infrastucre is geting out as SOURCE .
I beleive i can use RFC 2827 to bloack that public IP being part of SOURCE OUT traffic from our network .Can somebody guide me i can apply that filter on vlan 12 as below.
access-list OUT-IN deny ip xx.x.x.x any
access-group OUT-IN out