ACL router problem

  • ACL router problem

    Hi ALL !!

    I need to connect from a host (192.168.8.139) in the LAN to host
    192.168.1.15, so I put in an ACL like this (I added the first line):

    access-list 111 permit tcp host 192.168.8.139 any
    access-list 111 permit tcp 192.168.0.0 0.0.255.255 host 192.168.8.2 eq telnet
    access-list 111 permit tcp host 192.168.8.7 any
    access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq www
    access-list 111 permit udp 192.168.0.0 0.0.255.255 any eq domain
    access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq 443
    access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq 5900
    access-list 111 permit ip host 192.168.8.198 any
    access-list 111 permit ip host 192.168.8.199 any
    access-list 111 permit icmp any any echo-reply
    access-list 111 permit icmp any any echo
    access-list 111 permit icmp any any source-quench
    access-list 111 permit icmp any any time-exceeded
    access-list 111 deny icmp any any
    access-list 111 permit tcp any any established
    access-list 111 deny ip any any log

    Take a look also at line 3 of the ACL: this host is the internal mail
    server. From that mail server, when I try to connect to host
    192.168.1.15 there is no problem !!! So I made a similar entry to
    enable connection from my host (192.168.8.139) but it doesn't work !! I
    know it's a problem of the ACL because when I remove this ACL (which is
    applied to vlan 1 BTW) the connection works!!

    please help !
    marco
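
Added example (not part of the original post): a small Python first-match evaluator for the subset of IOS extended-ACL syntax used in access-list 111 above, for checking which entry a given packet hits. The function and parameter names are illustrative, and the post does not say in which direction the ACL is applied on vlan 1, so packets of each direction have to be evaluated separately.

```python
from ipaddress import IPv4Address as IP

# access-list 111 exactly as posted, in order (entry numbers match the listing)
ACL = """\
access-list 111 permit tcp host 192.168.8.139 any
access-list 111 permit tcp 192.168.0.0 0.0.255.255 host 192.168.8.2 eq telnet
access-list 111 permit tcp host 192.168.8.7 any
access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq www
access-list 111 permit udp 192.168.0.0 0.0.255.255 any eq domain
access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq 443
access-list 111 permit tcp 192.168.0.0 0.0.255.255 any eq 5900
access-list 111 permit ip host 192.168.8.198 any
access-list 111 permit ip host 192.168.8.199 any
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any source-quench
access-list 111 permit icmp any any time-exceeded
access-list 111 deny icmp any any
access-list 111 permit tcp any any established
access-list 111 deny ip any any log
""".splitlines()
PORTS = {"telnet": 23, "www": 80, "domain": 53}  # IOS port keywords used above

def _addr(tok):
    # 'any' | 'host A' | 'A WILDCARD' -> (address, wildcard) as integers
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(IP(tok.pop(0))), 0
    return int(IP(first)), int(IP(tok.pop(0)))

def _hit(ip, spec):
    # wildcard bits set to 1 are "don't care" bits
    return (int(IP(ip)) | spec[1]) == (spec[0] | spec[1])

def evaluate(proto, src, dst, dport=None, ack_or_rst=False, icmp_type=None):
    """First-match evaluation: return (entry number, action) for one packet."""
    for n, line in enumerate(ACL, 1):
        tok = line.split()[2:]  # drop 'access-list 111'
        action, ace_proto, s, d = tok.pop(0), tok.pop(0), _addr(tok), _addr(tok)
        q = [t for t in tok if t != "log"]  # what is left: eq PORT | established | ICMP type
        if (ace_proto in ("ip", proto) and _hit(src, s) and _hit(dst, d)
                and (q[:1] != ["eq"] or int(PORTS.get(q[1], q[1])) == dport)
                and (q != ["established"] or ack_or_rst)
                and (ace_proto != "icmp" or not q or q[0] == icmp_type)):
            return n, action
    return None, "deny"  # implicit deny at the end of every ACL
```

For instance, `evaluate("tcp", "192.168.8.139", "192.168.1.15", dport=22)` returns the number and action of the first entry that packet matches; port 22 is a constructed value, since the post does not name the service.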