You have the source address and destination address flipped around and you
havn't specified a port, try:
access-list 101 deny tcp any host 63.241.16.56 eq www
ie: prevent any source address from reaching host 63.241.16.56 on port 80
Hope that helps..
Russ..
""tselvan"" <[EMAIL PROTECTED]> wrote in message
01e001bfecc0$f5112240$0900a8c0@microsense">news:01e001bfecc0$f5112240$0900a8c0@microsense...
hi,
we r using cisco 1720 router connected to isp thru a serial interface.
router is inturn connected to an ethernet interface to serve the users.
we want to filter certain web sites like mp3.com, yahoo.com as we r using
the leased line for office use.
we have tried out the following using access-list:
access-list 100 deny tcp 63.241.16.56 0.0.0.0 192.168.1.0 0.0.0.255
63.241.16.56 - for mp3.com
192.168.1.0- for user network.
when we tried out this users were unable to browse.
pl suggest for an alternate access control list.
beno
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]