No announcement yet.

Cisco ACL help...

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco ACL help...

    Need some help on ACL's....any ideas?

    1. Allow ICMP ping from 10.115.28.x to 10.15.8.x
    2. Deny all other traffic from 10.115.28.x to 10.15.8.x
    3. All traffic to be allowed from to &
    4. Allow ports 80/443 to be allowed from 10.115.28.x to &

    * PC's can only "initiate/register" contact to either Proxys (inside/outside the friewall).
    * Proxy's then communicate to server.
    * server then sends communication back down to the Proxy's.
    * Proxy's then communicate back down to the PC's. Sever
    ------------------------------------------ Proxy
    Cisco 7204 ACL Firewall (
    ------------------------------------------------- ( NAT) Proxy
    | | |

    See config below...

    int for 7204
    interface FastEthernet0/0
    ip address
    ip access-group 102 in
    ip access-group 103 out
    ip nat outside

    access-list 102 permit icmp echo
    access-list 102 permit tcp host host established
    access-list 102 permit udp host host gt 1023
    access-list 102 permit icmp host host echo-reply
    access-list 102 permit icmp host host echo-reply time-exceeded

    access-list 103 permit icmp echo-reply
    access-list 103 permit ip host host

  • #2
    Re: Cisco ACL help...

    Hi dvtestguy,
    Thanks for the post.

    Have you tried this ACL yet? Are there parts of it that aren't working?

    Let me know and I'll see if I can help.

    David Davis - Petri Forums Moderator & Video Training Author
    Train Signal - The Global Leader in IT Video Training - Free IT Training Products
    Personal Websites: &