Allowing Websites using Access-List

Hi Guys,

Is it possible to allow or deny a websites using access-list in Cisco 6500 or 3750? If yes, can you please enlighten me or give me a hint on where I can start to study. Thanks.

Your help is highly appreciated.

regards,
Gagamboy

There a few ways you can do it and it shouldn't matter if either switch is pure layer 2. Try a search for "extended access lists" or something and post your questions. You will probably end up with something similar to:

access-list 101 deny/permit tcp host <source_ip> host <dest_ip> eq www

You can use subnets rather than hosts. Remember a permit statement and then apply to interface.

This might help: articles.techrepublic.com.com/5100-10878_11-6115879.html

I'm not sure about the 6500 series. But I know the 3750 can do it.

You could also look into using NBAR (Network Based Application Recognition) to block web sites among other things. Take a look at the article on www.conftea.com/

Hi Guys,

Thanks for the info, it helps a lot. I am now starting to study it one by one and piece by piece. There are many new terminologies I've encountered in this topic but I have to focus first on this one.

Cheers!

No problem. Let us know if there is anything that needs clarification or further research/testing.