Using ACL to block traffic from internal LAN

975 pts.
Tags:
ACL
ACL Manager
Internal LAN Domain
LAN
LAN administration
Remote access
Subnet
What is an ACL and how can I use one to block traffic from our internal LAN to a remote subnet?

Answer Wiki

Thanks. We'll let you know when a new response is added.

An ACL means Access Control List.
It is a list that controls access to networks.

To answer your question, you need to be more specific.
In which equipment do you intend to deploy the ACL brand and model.
What is your layer 3 network configuration?
What addresses are you using in your local and remote subnet (the one you want to block)
Do you want to block any traffic or specific traffic?

PLease post back.

——————————

Think of an ACL as a “network traffic filter” – they can be used to allow, prevent or redirect certain types of traffic..

A good example of one that accomplishes what I believe you’re asking is as follows:

(This config was done on a Cisco 1841 and is assuming your LAN is 192.168.10.0 /24, and the remote LAN is 172.16.1.0 /24)

<b>Router(config)#access-list 100 deny ip 192.168.10.0 0.0.0.255 172.168.1.0 0.0.0.255</b> – This blocks ALL traffic from one LAN to the other

<b>Router(config)#access-list 100 permit ip any any</b> – This prevents the ACL from killing ALL traffic NOT destined for the remote LAN

Then Apply the ACL to the router interface that connects to your LAN:

<b>Router(config)#int fa0/0
Router(config-if)#ip access-group 100 in
Router(config-if)#exit</b>
That should block the 192.x LAN from getting to the 172.x LAN without blocking any other traffic to the Internet or other networks…

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following