Block outgoing traffic to a specific IP(s) address

[npicard]

We have a Cisoc 1700 series we use for our Internet router. I want to block all outgoing traffic to a specific IP address for example I do not want anyone from within our company to hit ip address 12.96.1.1 on port 80.

Thanks

 

[njgpeck]

Just setup an ACL on your outside interface that will deny ip any host 12.96.1.1 eq www. Then make sure you add a permit any any at the end. Then you can add more restrictions later on if you wish.

So a basic ACL would look like this:
deny ip any host 12.96.1.1 eq www
permit ip any any

Just remember, this last statement will permit any outbound traffic. If you already have an outbound ACL just add the deny statement.

 

[ChrisAC]

access-list 101 deny tcp any host 12.96.1.1 eq 80 log
access-list 101 permit ip any any

int fa0
ip access-group 101 in

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************