Godlike-Dodo
commented
1 year ago Block network from 192.168.20.0 to 192.168.30.0
enable configure terminal access-list 110 deny ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255 permit any any
go to the router interface interface Gig0/0/1 ip access-group 110 in/out
show access-list
end copy running-config startup-config
Go to router enable configure terminal ip access-list [?] ip access-list extended [?] ip access-list extended blockhttp deny [?] tcp deny tcp 192.168.20.1 [?] (Source wildcard bits = Tegenovergesteld wat er staat van het subnetmask. 255.255.255.0 wordt: 0.0.0.255)_ deny tcp 192.168.10.5 0.0.0.255 deny tcp 192.168.10.5 0.0.0.255 host 192.168.10.5 (http = port 80 (https = port 443) deny tcp 192.168.10.5 0.0.0.255 host 192.168.10.5 eq 80 permit any any
Go to router interface interface fa0/1 ip access-group [?] ip access-group block_http ip access-group block_http [?] inbound
You can ping from pc to server. You can't access the server ip via the pc webbrowser. That is blocked now.