Block an IP from accessing the network on a Cisco Router

30. January 2014 Cisco Router 1

We had a client call and say their site was being hammered.

Through Cisco’s IP Accounting, we discovered a device on the network getting whacked by a ton of IP Addresses from the Internet.  I gave them the IP to investigate but with DHCP they had no way to tell who it was.  So we slapped on a quick ACL to block the device to and from access outbound.  At this point, we assumed someone would scream.  They did… And they found the culprit.  Torrent software.  Their 10mb hammered circuit dropped to 1mb instantly after the ACL was applied.

This was done on a Cisco Router.

Make sure you don’t already have an ACL 101 in place.  Just change the number if necessary.

access-list 101 remark BLOCK IP FROM NETWORK ACCESS
access-list 101 deny   ip any host 192.168.61.101
access-list 101 deny   ip host 192.168.61.101 any
access-list 101 permit ip any any

interface FastEthernet0/0
 ip access-group 101 in
 ip access-group 101 out


1 thought on “Block an IP from accessing the network on a Cisco Router”

  • 1
    Nehaa Patel on January 5, 2018 Reply

    Beautiful post to discover. Thanks for sharing

Leave a Reply