Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: I am having problem in access list

I am having problem in access list 11 years 5 months ago #19931

access-list 102 permit ip 10.211.200.0 0.0.0.255 any
this is my ethernet ip range.

and on serial port I assign
wan port is unnumbered ethernet
IP access-group 102 out

when i use this access list the remote ip ping lost. means i am not able to access any thing from remote location. but the connectivity is through.

what would be the problem. pls resolve it.

Re: I am having problem in access list 11 years 5 months ago #19932

access-list 102 permit ip 10.211.200.0 0.0.0.255 any
this is my ethernet ip range.

and on serial port I assign
wan port is unnumbered ethernet
IP access-group 102 out

when i use this access list the remote ip ping lost. means i am not able to access any thing from remote location. but the connectivity is through.

what would be the problem. pls resolve it.

Re: I am having problem in access list 11 years 5 months ago #19933

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1577
  • Karma: 3
  • Thank you received: 7
I assume that your pinging your ethernet subnet from something past the serial port. If this is the case, then yes, it will not work since the reply of pings will be blocked.

Can you explain more what you are trying to do ?

Re: I am having problem in access list 11 years 5 months ago #19934

interface FastEthernet0/0
ip address 10.x.x.x 255.255.255.0
ip access-group 103 in
!
interface Serial0/2
ip unnumbered FastEthernet0/0
ip access-group 102 out
!
ip access-list 102 permit ip 10.x.x.0 0.0.0.255 any
!
ip access-list 103 deny tcp any any eq 135
ip access-list 103 deny udp any any eq 137
ip access-list 103 deny udp any any eq 138
ip access-list 103 deny udp any any eq 139
ip access-list 103 permit ip any any

this config should be on all network with their own ethernet ip.

I dont know why it is not working. when i add the 102 access list we got disconnected from our remote location. pls help me out asap.

Re: I am having problem in access list 11 years 5 months ago #19966

interface FastEthernet0/0
ip address 10.x.x.x 255.255.255.0
ip access-group 103 in
!
interface Serial0/2
ip unnumbered FastEthernet0/0
ip access-group 102 out
!
ip access-list 102 permit ip 10.x.x.0 0.0.0.255 any
!
ip access-list 103 deny tcp any any eq 135
ip access-list 103 deny udp any any eq 137
ip access-list 103 deny udp any any eq 138
ip access-list 103 deny udp any any eq 139
ip access-list 103 permit ip any any

this config should be on all network with their own ethernet ip.

I dont know why it is not working. when i add the 102 access list we got disconnected from our remote location. pls help me out asap.


What happens if you create another access list, and add it to port int s0/2, inbound?
ip access-list 104 permit ip any any
int s0/2
ip access-group 104 in
  • Page:
  • 1
Time to create page: 0.153 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup