2821 ACL for the range of IP addresses

We use an old Cisco 2821 on the edge of the internet for the initial incoming traffic filtering.  To try to block some networks of suppliers that are a source of SPAM, we have tried to apply an ACL that included a range of addresses as follows:

access-list 110 deny host ip 198.20.160.0 0.0.31.255 255.255.255.255

This command has been shorted to what follows in the running configuration:

access-list 110 deny host ip 198.20.160.0 all

The ACL doesn't seem to work, as we have always received spam through on this range.

Any help is greatly appreciated.

Thank you for your time.

Hello

Your syntax ACL deny only the host 192.20.160.0.

If you look below

access-list 110 deny ip host 198.20.160.0 0.0.31.255 255.255.255.255

You have the source specified as host (198.20.160.0 host)

destination like any other host (network mask and subnet inalid - 0.0.31.255 255.255.255.255)

You want to block what subnet or network, gave me a source and destination subnet? . Will be recorrect the ACL

HTH

Sandy

Tags: Cisco Network

Similar Questions

  • Change the range of dhcp addresses for nat Vmnet8 for VMPlayer/Linux

    Hello.

    Vmplayer/fedora running. Trying to change the host address of range/ip dhcp for nat (vmnet8).

    Within the vmplayer gui, there is no apparent way to change the range/nat dhcp data.

    I see that there are a few vmware apps in/usr/bin pertaining to vmware, who seem to have an impact on the range/dhcp/nat address, but I can't find docs on exactly how it works. Also, where is the configuration for the dhcp protocol entry.

    Basically, I would put the dhcp/vmnet8 192.168.12.1 and present the range to be 192.168.12.128 - 192.168.12.135.

    Thank you

    If you have only installed VMware Player 3.x, then you have not the editor of virtual network, as in VMware Workstation and without it, here are the commands to run in a Terminal.

    sudo su
/usr/bin/vmware-networks --stop
cp -a /etc/vmware/networking /etc/vmware/networking.bak
nano /etc/vmware/networking
cp -a /etc/vmware/vmnet8/dhcpd/dhcpd.conf /etc/vmware/vmnet8/dhcpd/dhcpd.conf.bak
nano /etc/vmware/vmnet8/dhcpd/dhcpd.conf
/usr/bin/vmware-networks --start
exit

  • Set a value for the range selector

    Hello

    I'm trying to set a value for a range by script selector but without success.

    Here is my line of code:

    -app.project.item (1).layer("Text1").property ("ADBE Text properties") .property ("ADBE Text Animator").property("ADBE_Text_Selector").property ("ADBE Text Index End") .setValue (3);

    the error I get is "Undefiened is not an object.

    Maybe the property method does not work for the range selector.

    I am rookie in script... that could explain the issue

    Thank you

    Aurélien

    Looks like you're missing a few steps. A host of text is included in the Group of text animations. A range selector is in the Group of selectors of text. Each of them can be referenced by name or index (you can have several animators and selectors).

    App.Project.Item (1).layer("Text1").property ("ADBE Text properties") ("ADBE Text animators") .property .property (1).property("ADBE_Text_Selectors").property (1) .property ("ADBE Text Index End") .setValue (3);

    I recommend you google and download the script "GimmePropPaths" from Jeff Almasol. Invaluable for this kid to reference.

    Paul

  • PRC: Generate Invocie project for the range of projects is generated not invoice

    Hello

    PRC: Generate invoice project for the range of projects is generated no bills for a project, but if I do the same thing to turn
    PRC: Generate invoice for a project, it generates the invoice for this project. No idea why the two processes behave differently? Please let me know.



    Thank you
    Hanuman

    Hi Harsha,

    Generate the invoice project to various projects will not pick up the project, if there are new bills. Check if the project has received all new bills.

    Build the project invoice for single project does not check this. She removes the original invoice and regenerates.

    Please see the guide to the billing of projects, page n °: 95 for more information on this kind of differences.

    I hope this helps!

    Thank you
    Raju sirot
    www.projectsaccounting.com

  • HP ePrint only works for the main e-mail address, does NOT work for the other email address

    I have several e-mail addresses configured in the list of authorized sender, but it seems to work only for e-mail messages sent from the e-mail address (main) of the owner. I get a confirmation email when I use other e-mail addresses, saying that "labor received ePrint" but no dice.

    What gives?

    Thank you

    P

    Hi panchuparayil,

    Thank you for the update.

    Please start with the update of the printer by getting the latest Firmware and updates given that a firmware update available.  After completing the update of the firmware, please restart the printer.  Once the printer has been restarted, please try to send another email to the address of electronic mail of the ePrint printer.

  • Complete Windows 8.1 features & drivers software for the range of all-in-one printers HP Officejet 5610

    I downloaded the software from the HP (AIO_CDB_NonNet_Full_Win_WW_140_408.exe) website.  When I try to install this software on my new computer 500 - HP Pavilion c60, out of the error to install it with a message that a file is missing (hpzshl.ice_s...).  Does anyone know the correct drivers 8.1 (x 64) for printers HP Officejet 5600 Series?

    Thanks for the recommendation; but uninstall and re - download do not solve the problem.   I ended up calling HP support and they just relaunched the .exe with administrator permissions and the error has been resolved.

  • NSA CFS 2600 political by the range of IP addresses

    I have a 2600 NSA SonicOS Enhanced 6.2.2.1 - 14n running.

    After the last update of the firmware, I think he's changed, how things entered the CFS exclusion and political range.

    It shows the three IPs I was entered in politics by scope, but now when I want to add, instead of an IP address, I need to enter in the addressable object.  When I try this, I get the news and nothing happens and he said: there is no change made (lower left corner of the browser).

    Also, if I change one of the three that I got in there, it does not list the INVESTIGATION period; on the contrary, it has options to select the addressable object.  I have just set out, because I don't want to make any changes.

    Any ideas?

    Thank you

    Mike

    Technical support it attached to my support case.  Just open and cases and the number of the hotfix for reference.  I hope they will respond quickly.

    Mike

  • compatible product for the range of printers hp b209a

    What is the best replacement fo printer b209a HP? (photosmart liked)

    Hello fredilys,

    If you are looking for something similar to the Photosmart B209a, I would say the Photosmart 6520. By comparing the features between the two printers, technically speaking the Photosmart 6520 is an enhanced version of what you currently have.

    I have included the "HP Deskjet Ink Advantage 6520 e-all-in-one and HP Photosmart 6520 e-all-in-one printer printer Specifications" for you to look over.

    I hope this helps.

  • Personas Don't preview or wear. I "authorized them" under the tab dry, I need the range of IP addresses because I used /IpBlock.

    Personas Don't preview or wear. I have "authorized" in exceptions getpersonas.com . In my opinion, it will take maybe on a white list through my firewall. I used /IpBlock on Ubuntu 10.10 and I had other problems with other sites before whitelisting them. I need the IP address and the beach.

    Are you using the Personas Plus extension?

    Have you tried a new profile?

    See basic troubleshooting: a new profile

    If it takes long (several minutes) to download images of persona to carry a new character, then you won't see unless you hover effect also to wait that long. Personas are not so big to justify such a delay.

  • Apprequest - OwnCloud app for the range of HP ePrint printers

    Hey guys,.

    I don't know if I can do it here, but I have an OwnCloud running at home because I don't want to use online services. Is it possible to scan documents on my printer HP Allinone to this OwnCloud?

    My current is to scan in mettle or googlemail and move from there to my owncloud.

    Can anyone develop such an app ePrint?

    Hello Ciara_B, Hello happytohelp01

    Thank you two for your messages.

    Ciara, I saw on a support page a link which was to make a link to this page to submit idea, but it was broken. Thanks for that link, I will send the idea to HP.

    happytohelp01, it's beautiful!

    I prefer to do these things to my screen touch printers (because I'm in front of it when I put my documents in there).

    In this way is superior to scan documents to my box account and move them to my owncloud.

    For all others who want to scan documents to their OwnCloud.

    Add in the HP printer control application a cloud customized with a title, your username and password and just your owncloud directory webdav URL such as:

    http://yourdomain/owncloud/remote.php/WebDAV

    You are now able to analyze application HP Printer Control save it on your OwnCloud.

    Thank you very much

  • ACL for the nwebies.

    I, unfortunately, don't have the luxury train in Cisco, or read whatever it is thorough. While the IOS manual makes it clear how to create and apply ACLs, I need help about where to apply and how not to cut my all off building when I apply to the border router.

    Specifically, I attempt to deny any tcp ports 135-139/netbios and netbios/w2k-445-entering.

    I do this on a series router 2600 with IOS 12.2.

    Can anyone help me or point me to a useful link?

    Thank you.

    Robby-

    Assuming that your external interface is say, Serial0, you would do the following:

    access-list 100 tcp refuse any any beach 135 139

    access-list 100 tcp refuse any any eq 445

    access ip-list 100 permit a whole

    interface Serial0

    IP access-group 100 to

    If you want to be more precise and more just to block these ports will your specific within the subnet (say it's 100.1.1.0/24), then just replace the 2nd "any" in each line with "100.1.1.0 0.0.0.255.

    Remember that some Netbios traffc is UDP, then you want that block too, simply by adding another line of the access list to similar to what I showed you but with "udp" instead of "tcp".

  • Change of automatic color fields for the range of different values?

    Hi, I am a new user of Acrobat Pro and I am trying to understand if it is possible to have the color of the field changed when the calculated value is within a specific range.  I have a box of calculated field, and I want it turns to yellow when it reaches a specific numeric range and red when it gets to the other.  A change in font color would work too...

    The correct code might be:

    (function() {}

    var v = + event.value;

    If (v< 16)="">

    event.target.fillColor = color.green;

    return;

    }

    If (v< 27)="">

    event.target.fillColor = color.yellow;

    return;

    }

    Value is greater than 27

    event.target.fillColor = color.red;

    })();

    In particular this line of code is invalid:

    If (27 16) {}

    Something like this would be:

    If (v > = 16 & v)< 27)="">

    that translated to English is: If the value of the variable v is greater than or equal to 16 and less than 27...

    So another functionally equivalent script could be:

    var v = + event.value;

    If (v< 16)="">

    event.target.fillColor = color.green;

    } else if (v > = 16 & v)< 27)="">

    event.target.fillColor = color.yellow;

    } else {/ / value is greater than or equal to 27}

    event.target.fillColor = color.red;

    }

    I don't know if it's exactly what you want, but you should be able to revise it accordingly.

  • HP ProBook b 6450: Solution Center Software for the range of all-in-one printers, HP Photosmart C4385

    I installed the package full HP printer and it has not installed the solution Center. Impossible to find. Need this to scan documents. What should I do?

    Hello

    You can download the complete software of this site features:

    http://support.HP.com/us-en/drivers/selfservice/HP-Photosmart-C4380-all-in-one-printer-series/3221640/model/3221645#Z7_3054ICK0K8UDA0AQC11TA930O2

    Once you have done this, is that you can uninstall before reinstalling the software downloaded?

    This printer model IS USED the Solution Center.

    Let us know how it goes.

    Please click the "accept as solution" if it helped to solve your problem and "Bravo Thumbs up" as an encouragement

  • Cannot find "export" for the transfer of email address

    Under Tools there is no "export"?

    Hello

    what e-mail program

    Export is normally under 'file '.

  • Something similar to groups of objects, but for the ports? (must be used on an ACL)

    Hello community!

    I'm fairly new, when it comes to firewalls, but I have some experience with routers and switches, so I'm not completely lost.

    Practically, we all know that a group object is a large bucket to throw things and then managing them as a single group, which is very useful for many reasons... so is there something similar that we can use in an ACL for the port?

    Say so, let that I want to allow the following ports:

    • 80
    • 443
    • 25
    • 30500
    • 20500
    • 8080
    • 14600
    • 21
    • 753
    • 22

    And instead of doing something like this:

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 80

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 443

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 25

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 30500

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 20500

    access-list extended dmz_access_in permit tcp host WEB host WEB-EXT eq 8080

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 14600

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 21

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 753

    dmz_access_in list extended access permit tcp host WEB host EXT - WEB eq 22

    do something like:

    dmz_access_in list extended access permit tcp host WEB host WEB-EXT eq PORT_LIST1

    Thank you!!

    PD: Excuse me if some port above are not TCP, if just one example. I just start typing all the numbers that came to my head.

    Hey Rolando,

    On a SAA, you can combine services and protocols based on the source/destination in an object-group service oriented. Your example would look like this:

     object-group service PORT_LIST1 service-object tcp destination range 21 22 service-object tcp destination eq 25 service-object tcp destination eq 80 service-object tcp destination eq 443 service-object tcp destination eq 753 service-object tcp destination eq 8080 service-object tcp-udp destination eq 14600 service-object tcp destination eq 20500 service-object tcp destination eq 30500

    You can create also integrate groups:

     object-group service WEB_PORTS service-object tcp destination eq 80 service-object tcp destination eq 443 object-group service PORT_LIST1 group-object WEB_PORTS service-object ...

    This type of group is going where the Protocol is specified in the ACL:

     access-list dmz_access_in extended permit object-group PORT_LIST1 object HOST object EXT-WEB

Maybe you are looking for