Sample Access List




Sample:
Blocking 1 IP - access list 1 deny 192.168.2.101 0.0.0.0 (deny host 192.168.2.101 For Single IP)
Blocking whole network  - access list 1 deny 192.168.2.0 0.0.0.255
Allow All - access list 1 permit any

Apply to Interface - int Fa0/1
ip access-group 1 out 

If the commands get accidentally placed on FA0/1 as  INBOUND of the right router, it will still block the IPs but will also block them from the rest of the network.



Popular Posts