Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: I am having problem in access list

I am having problem in access list 9 years 9 months ago #19931

  • kzrizvi
  • kzrizvi's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
access-list 102 permit ip 10.211.200.0 0.0.0.255 any
this is my ethernet ip range.

and on serial port I assign
wan port is unnumbered ethernet
IP access-group 102 out

when i use this access list the remote ip ping lost. means i am not able to access any thing from remote location. but the connectivity is through.

what would be the problem. pls resolve it.
The administrator has disabled public write access.

Re: I am having problem in access list 9 years 9 months ago #19932

  • kzrizvi
  • kzrizvi's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
access-list 102 permit ip 10.211.200.0 0.0.0.255 any
this is my ethernet ip range.

and on serial port I assign
wan port is unnumbered ethernet
IP access-group 102 out

when i use this access list the remote ip ping lost. means i am not able to access any thing from remote location. but the connectivity is through.

what would be the problem. pls resolve it.
The administrator has disabled public write access.

Re: I am having problem in access list 9 years 9 months ago #19933

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
I assume that your pinging your ethernet subnet from something past the serial port. If this is the case, then yes, it will not work since the reply of pings will be blocked.

Can you explain more what you are trying to do ?
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: I am having problem in access list 9 years 9 months ago #19934

  • kzrizvi
  • kzrizvi's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
interface FastEthernet0/0
ip address 10.x.x.x 255.255.255.0
ip access-group 103 in
!
interface Serial0/2
ip unnumbered FastEthernet0/0
ip access-group 102 out
!
ip access-list 102 permit ip 10.x.x.0 0.0.0.255 any
!
ip access-list 103 deny tcp any any eq 135
ip access-list 103 deny udp any any eq 137
ip access-list 103 deny udp any any eq 138
ip access-list 103 deny udp any any eq 139
ip access-list 103 permit ip any any

this config should be on all network with their own ethernet ip.

I dont know why it is not working. when i add the 102 access list we got disconnected from our remote location. pls help me out asap.
The administrator has disabled public write access.

Re: I am having problem in access list 9 years 9 months ago #19966

  • mzinz
  • mzinz's Avatar
  • Offline
  • New Member
  • Posts: 9
  • Karma: 0
interface FastEthernet0/0
ip address 10.x.x.x 255.255.255.0
ip access-group 103 in
!
interface Serial0/2
ip unnumbered FastEthernet0/0
ip access-group 102 out
!
ip access-list 102 permit ip 10.x.x.0 0.0.0.255 any
!
ip access-list 103 deny tcp any any eq 135
ip access-list 103 deny udp any any eq 137
ip access-list 103 deny udp any any eq 138
ip access-list 103 deny udp any any eq 139
ip access-list 103 permit ip any any

this config should be on all network with their own ethernet ip.

I dont know why it is not working. when i add the 102 access list we got disconnected from our remote location. pls help me out asap.

What happens if you create another access list, and add it to port int s0/2, inbound?
ip access-list 104 permit ip any any
int s0/2
ip access-group 104 in
The administrator has disabled public write access.
Time to create page: 0.079 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup