Cisco :: C3750 How To Block A Host From Accessing Internet
Mar 5, 2012
I have a VMware workstation on my host computer (windows 7) and the VMware workstation has a virtual machine (windows 7) on the host. We were trying to allow internet access only to the Virtual machine, i.e. to minimize exposure of the host to the internet. I tried to use Vlan Access Control list with MAC ACL to deny the host virtual machine from accessing the internet and allow all other traffic including the virtual machine. The configuration works for some time and after some time when the virtual machine continously pings the c3750 switch (wher the VACL is implemented), the host also pings the c3750 switch and re-establishes connection with the internet. But when we configured the c3750 switch to deny the VM and allow all other traffic, it works fine. It seems like the host automatically finds a way to get arround the VACL.
I want to block all program from accessing internet except one. I can do it using Windows Firewall but some programs doesn't get blocked!
And the list is too big to block them one by one (some programs doesn't get unchecked to block them).
I play online game (Counter Strike:CZ) that lags after some intervals (that lag is my actual problem) so i want to stop every app to access internet except my game.
I have a DIR-615 router. I would like to know if it is possible to block a PS3 from accessing the internet completely, without blocking any other computers/devices. I have access to the router, but not to the PS3 itself.
how to block a user from using the internet when they plug their computer into a router. My roommate has refused to pay her share of the internet and, being a college student, I don't have enough money where I feel generous enough to let her have free internet after stiffing me. Basically, I have 2 routers at the moment (hoping to fix this soon): my Qwest modem works as a router but I also have a Linksys router connected to it. The only phone jack is in her room so I have no way of stopping her from plugging her computer straight into the modem and/or router. I've configured the wireless so that she would be unable to access the, wirelessly but I'd like to know how to prevent her accessing the internet when she plugs her computer directly into either component.
Our client having one c3750 with ipbase license switch.They are connected server and end switches to that switch.Our customer want to increase the speed to accessing the server at that time I am told to use etherchannel.Customer happy about this and implement the etherchannel configuration.Now i need to configure etherchannel upto 4 physical link.server are connected on port no Ge1/0/10,they want to bind four phical link GE1/0/10-13.how to configure etherchannel in this switch?
Is there any way to Mirror a CISCO C3750 Switch Port Taffic to a remote Host IP Address?I know Port Mirror (SPAN/RSPAN) can copy one Interface Packet to another Interface. But I am looking for a way to miror Switch Port Packets to a remote Host (having Public IP Address and running Wirehark). Is it possible?
I have a home computer which part of the home's workgroup and I have a office laptop which is part of a domain. Both of these are connected to the home wireless router and I can ping from one to the other via IP only and not by hostname. I have to access DB which is on my home computer (workgroup) from office laptop(domain). How do I achieve this? I search the internet and found we can enable sharing by IP. But my usecase will require access to the workgroup computer using hostname from laptop.
I am having some trouble understanding extended control lists. I am trying to prevent a certain host on LAN1 from accessing a server on LAN2, while still allowing the host access to the rest of LAN2.This is what I thought the command should be:
access-list 100 deny ip 175.16.1.2 0.0.0.0 175.17.2.2 0.0.0.0
My understanding was that:
Green = source & mask Red = destination & mask
However this seems to stop all my other hosts on LAN1 from pinging the server also.
How do I block a particular IP from accessing my network entirely? I have a hacker with a known IP I want to shut out. I tried creating a DENY inbound filter (with just that IP as the range) but that didn't seem to work. that hacker kept being able to attempt logins.
Any step by step instructions (for the DIR-655) on how to block a PS3 from accessing this router? I know how to log into the router's page and I can get the MAC address of the PS3, but I am clueless from there. I want to block it completely is possible.
I have Cisco ASA 8.0(5) and I need to block specific url to acees my https server in dmz ?I read about websence technology, but I think it's not free right? Also I read abotu policy inspection map's but in my case is HTTPS not http ..
In my office there is 2 desktops which is networked. one is in the office and the other in my room. internet connection is also there, the modem is kept in my room. but one of my cousin is there in my house and he has a laptop, the internet for his lap is taken from my modem. and now i have noticed that my cousin is visiting adult content sites and i want to block him ? is there any way. why the history he uses is being shown in my browsers history ?
I have a LAN with 6 vlans and a 2821 router. By default, intervlan routing is enabled for all vlans, however, I want specific vlans to be denied access to others, though all should still be able to use the Internet being served from GE/0.
I'm using an ASA5505 (8.4(1)) and would like to block port 80 on a specific host in the LAN so machines in other remote LANs connected via VPN can't access this port on the host. Devices in the local LAN should have access to this port on the host. Here are the commands I'm using:
-access-list block_port extended deny tcp any host 10.20.10.20 eq 80 -access-list block_port extended permit ip any any -access-group block_port out interface inside
These commands are not working as I would expect them to. When I browse to http://10.20.10.20 from a remote machine over the VPN tunnel I am able to access the host web server.
I have a test setup of a C3750 stack as a core and some 2960's as access switches.[URL] - The switches at the bottom is the new network (VLANNED). The switches on the left is the current production network (10.1.1.0/24) From the C3750 to the router is a /30 network.
There will be 6 VLANs but at the moment I have one configured. VLAN50 - 10.5.1.0/24 From the C3750 I can ping my current production network, internet, other VLANs in the testsetup, ... Everything.From the C2960 I can ping other VLAN's, reach the gateway, reach the router, reacht the currenct production network. But I can't reach internet. I've configured "ip default-gateway 10.5.1.254" on the C2960. C3750 relevant config is down below.How is it that I can reach other networks connected to the router and not internet from the access switches? I'm just trying to ping 8.8.8.8.
! ip routing ! ! interface GigabitEthernet1/0/1 no switchport ip address 172.16.1.2 255.255.255.252
I have a host that can successfully connect to a PIX 515E (7.x OS) via VPN Client; however, I have no IP routing to the LAN from the remote host.The VPN IP pool works finem,The LAN default gateway is the inside interface on the PIX; the network is flat L2 behind it.The default route on the PIX points out; no other routes are defined,The VPN remote host can be pinged from LAN hosts, but the VPN remote host cannot ping any LAN host, not even the PIX inside interface.
my sister is having a pc in office which is connected to another pc (having net connectivity) over LAN. she is getting the LAN icon in network connections. till today she could not access internet on her pc.but today an engineer came, and changed proxy address or something in internet options>connections>lan settings and accessed internet. after he was over, he again changed something in lan settings and went away. now my sis is not able to access internet. what can i do
I want to access my system from internet. My network scenario is as follows; Internet ==> DSL Modem(s) ==> Load Balance ==> Gateway Firewall ==> My PC DSL 1 : ZXDSL 831CII (Fixed IP)DSL 2 : HG510a Load Balance : TL-R480T+Gateway Firewall : pfSense (BSD)
I just installed WIFI wireless camera in the house. I validated that I can access and view video within home WIFI network. However, I can't seem to access it remotely outside my home Wifi. I follwowed the instruction - found my IP address xxx.xx.xx.xxx : 85 and set port forwarding to 85 to IP camera.
i'm trying to connect my xbox360 to the internet. I'm upstairs, my modem and router are downstairs. I'd prefer not to have to get a wireless adaptor for my xbox, but if that's the only way, i'll settle with that.We have Comporium internet. I can get cable if I hook a cable box up to the coax port in the wall upstairs. I have been looking at coax to ethernet adaptors, hoping I could go from the coax in the wall, to the adaptor, right into the back of the xbox. Is this possible?
I haven't been able to get a decent answer to no matter how much googling etc I do. We have a problem in our flat where any time someone downloads something everyone else in the flat loses access to the internet until that person finishes their download or stops it. We are all accessing the internet through the same router, 3 of us wirelessly and 1 wired. The computers which are for some reason blocked by the other person downloading can't even access the router to do a reset or work out whats happening. [URL] gives our download speed as 14.80Mbps which isn't great but okay for good old NZ.Why would it be that 1 person downloading is preventing the others from accessing the net, do some downloads somehow take full control of all the available bandwidth ?.And is there any way to make it so that it doesn't happen, like make it so no computer can use all the bandwidth at a time ?, ie my flatmate can download his whatever but I can still send emails etc at the same time.
I have a cisco 2811 router doing nat on my home network and it works fine.I've connected a cisco 2621 router to the 2811 both have serial T1 cards, I have enabled IP routing on both and have eigrp 1 process running. I can ping and telnet to each router and they are advertising the networks on each other. when i do a traceroute on the 2621 to an outside address or name example [URL]I get no reply.
I have the Apple Time Capsule connected to my ISP using PPPoE and it is working just fine creating a wired and wireless network. The IP address of TC is 192.168.1.1 and I have set it's DHCP range between .100 to .200Next, I wanted to add VPN to the router as I live outside the US and wanted to access some services in the US. So I got an ASUS router and flashed it with Tomato firmware.I assigned the ASUS as IP address of 192.168.1.10, connected this it to a LAN port on the Apple and used a DHCP type Internet connection to set it up. I then created a second WiFi Network and gave the DHCP range between .11 to .20Now using any Wi-Fi device, I can connect to either of these networks and browse the web just fine. The ASUS is all setup as a VPN client so any traffic going through the ASUS is through a US based VPN.
I have trouble accessing the internet from my laptop after installing Ciso AIR-LAP1142N-A-K9 AP.The AP are connetected to my router (which has a DHCP enabled) via a switch and each has a Fix IP address with network mask, gateway and DNS already configured. When I triy to connect to the access point, only the IP address and network mask are automatically assigned to the my laptop. and I have to manually input the gatway and DNS to be able to navigate the internet. I would like to know which configuration will allow any node that tries to connect the internet via the access point to be automatically configured to access the internet after authentication.
I have a router and a server that are connected through two unmanage switches. The router has DSL service in it and I want to access the internet on the server but I can't. The two are in the same network and it is a static IP network. I can ping the router from the server.
I have finally got netgear adapter to connect to router, and its connected, but not able to access any webpages. I am not receiving any bytes back. I had to manually type in a IP address, as it was not picking it up automatically. I have other devices connected to the router (laptop, ipad, iphones) and access web easily. I have tried hard resets, and shut downs all with no avail
So i have set up my Dir-615 router and it worked for about a week perfectly. Then one day i was able to connect to the router, but it says that there is no internet connection. This is untrue since i am able to connect to the internet if i unplug from its WAN port and put it straight into my laptop.
