Situation:
I want to block certain internal IP addresses from on my internal network from reaching the external network.
The router is using network adress translation from the internal network to the external network.
Initial Solution:
I set up an outgoing access list on external interface to block the IP addresses.
Problem:
The addresses are apparently translated before they reach the interface. My logs only show the external address going through. The access-list isn't touching anything going through it.
Question:
How do I apply an outgoing access list to the interface while NAT is running?
Pain is the realization of your own weakness.
I want to block certain internal IP addresses from on my internal network from reaching the external network.
The router is using network adress translation from the internal network to the external network.
Initial Solution:
I set up an outgoing access list on external interface to block the IP addresses.
Problem:
The addresses are apparently translated before they reach the interface. My logs only show the external address going through. The access-list isn't touching anything going through it.
Question:
How do I apply an outgoing access list to the interface while NAT is running?
Pain is the realization of your own weakness.