Tom's Hardware > Forum > General Networking > General Gateways, Routers and Firewalls > access-list cisco router 1721

access-list cisco router 1721

Forum General Networking : General Gateways, Routers and Firewalls - access-list cisco router 1721

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
strife217   01-29-2007 at 12:48:08 PM

hey,
I'm really new into cisco and I've got a little question.

I'm trying to deny all inbounds and permit only few specific IPs.
for ex. 212.13.19.21 , 212.13.22.97 , 78.88.14.69
and also range of IPs 192.168.1.10-55.
what's a good way for doing it?
do I have to access-list these IPs and then have a deny command?

can you please write me the commands, I must have done something wrong.

thanks alot,

strife

Add a reply
Sponsored Links
Register or log in to remove.
Zakkas   01-30-2007 at 04:27:07 PM
- 0 +

Generally the rule of thumb is to deny what you want to deny first then place your permit statements afterward. I like named access-lists myself because if you want to make a change to it you don't have to remove the whole access-list to remove one line.

for example:

ip access-list extended "NAME" (you can make any name you want...without the quotation marks).

Say I want to deny a specific address to your WAN IP. The following statement would deny only 10.10.10.10 to 2.2.2.2.

deny ip 10.10.10.10 0.0.0.0 2.2.2.2 0.0.0.0

permit ip/tcp/udp (whatever protocol you specify, ip allows anything udp or tcp) source address or subnet destination address or subnet "eq port number" (eq specifies a port which is in the udp or tcp range)

Reply to Zakkas
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > General Gateways, Routers and Firewalls > access-list cisco router 1721
Go to:

There are 1176 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.648 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them