You need to add IP ACCESS-GROUP 101 OUT
also to block outgoing WWW requests. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 13, 2001 7:59 PM To: [EMAIL PROTECTED] Subject: ACLs Applied to VLANs [7:26175] Hi everyone. I'm using a 2900 Catalyst and embarassingly enough, I cannot fully block myself from port 80. My ACL does block me from accessing the switch's Web interface, but I still surf the net. I'm on port F0/2 and my router is on F0/9. All ports are on the default VLAN. Any help appreciated. Thanks in advance! interface VLAN1 ip address 192.168.0.5 255.255.255.0 ip access-group 101 in no ip directed-broadcast no ip route-cache ! access-list 101 deny tcp any any eq www access-list 101 permit ip any any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26178&t=26175 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
