| Author |
Blocking Web Sites on a Router ?????
|
|
|
| Hello. I have a question for you guys. How can I set up an extended access list to block certain web sites and not all www traffic. Say for example that I wanted to block www.cnn.com This help is VERY appreciated.
Thanks,
Tim | |
|
| Typically this is done at a firewall, but I guess if you only had a few sites to restrict you could deny all traffic to each of those destination addresses with an access list.
Yankee | |
|
| Yankee- Could you give me an example of that access list. Having some trouble with the format of the extended access list. The reason for this is- The person that I want restricted has access to the proxy, but not the router so if i did it at the router level it would work for me.
Thanks,
Tim | |
|
| If he uses a static ip you could define him as the source like this:
access-list 101 deny ip <his ip address> 0.0.0.0 <www.cnn.com ip address> 0.0.0.0 eq www
access-list 101 permit ip any any
I think the www.cnn.com may work in place of its ip but I'm not certain and there is no doubt it would be more efficient with the IP.
Let me know how it goes,
Yankee | |
|
| Correct me if i am wrong. Is it
access-list 101 deny tcp <his ip address> 0.0.0.0 <www.cnn.com ip address> 0.0.0.0 eq www
access-list 101 permit ip any any
------------------
|
|
|
|