Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
0
Helpful
1
Replies

RFC 2827 Ingrees filtering

root.zone
Level 1
Level 1

‎04-06-2011 01:27 AM - edited ‎03-04-2019 11:59 AM

HI All,

Need a suggestion for the below query.

As mentioend below.The 6500 Internet layer is coonected to ISP and other leg going to WENBLAYER(trunked physicaly).

There are 2  SVI on Internet layer 6500 .vlan 10 is shared between both web and internet switches .

Vlan 12 is for main internet pipe .Now the thing is i can see there is one public IP whihc is not belongs to my infrastucre is geting out as SOURCE .

I beleive i can use RFC 2827 to bloack that public IP being part of SOURCE OUT traffic from our network .Can somebody guide me i can apply that filter on vlan 12 as below.

access-list OUT-IN deny ip xx.x.x.x any

access-group OUT-IN out

Labels:
Preview file
95 KB
0 Helpful
1 Reply 1

root.zone
Level 1
Level 1

‎04-20-2011 11:50 AM

Hello ,

Appriciate you inputs for the below.

I was thinking about applying route-map to NULL0 (on the shared  interface of both 65xx).please let me know your views for the same.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card