GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: ACL [7:83974] posted 02/07/2004
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Try following.....


access-list 110 permit tcp host 128.1.1.1 any eq telnet
access-list 110 permit tcp any eq 80 host 128.1.1.1
access-list 110 deny ip any any


-dave

-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
news.groupstudy.com
Sent: Saturday, February 07, 2004 12:45 AM
To: cisco@xxxxxxxxxxxxxx
Subject: ACL [7:83974]

Hi All - I setup a lab and ran into ACL problem.  I got an ACL on a
router
to block all incoming telnet sessions;  however, this also blocked the
telnet session originate from this router, even I allowed the IP address
of
the outside interface talking to "any".  For example, the IP address of
the
serial interface is 128.1.1.1, I got the following ACL:

(config)# access-list 110 permit tcp host 128.1.1.1 any eq telnet
(config)# access-list 110 permit tcp any host 128.1.1.1 eq telnet
(config)# access-list 110 deny ip any any

What did I do wrong? or it's the nature of the ACLs on Cisco routers?
Is
there workaround on this?  Thanks much!

Thomas
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=83987&t=83974
--------------------------------------------------
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html