Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 206
  • Last Modified:

Access List

Hi,

I have a customer running public IP on the 2 interfaces (eth & Serial). Now he wants to implement the access list on the router which only allows 1 IP to access the router from internal LAN and none from the outside.

I am just wondering should i apply the access list in the serial also ?

Please give me saome examples.

Thanks.
0
carollow
Asked:
carollow
1 Solution
 
st_steveCommented:
If you apply the access list to the serial interface as well, you will block off  all access to the router from outside, wouldn't you? I mean is that what you want? You're blocking outside access to Ethernet interface, which is fine. But I don't think you should apply the access lists to the serial interface, or there will be no outside communications then, unless you have another interface set up.

Maybe I'm reading the question wrong.
0
 
ajvelCommented:
hi carallow,

It is very much possible. Pls try the below example.

To be Applied to Serial Interface
access-list 101 deny tcp 0.0.0.0 0.0.0.0 host {Serial Interface IP} eq telnet
access-list 101 permit any any

interface serialX
 ip access-group 101 in



To be Applied to Ethernet Inetface

access-list 102 permit tcp host {Monitoring Systems IP} host {Ethernet Interface IP} eq telnet
access-list 102 deny tcp 0.0.0.0 0.0.0.0 host {Ethernet Interface IP} eq telnet
access-list 102 permit any any

interface ethernetx
 ip access-group 102 in

Thanks
ajvel
0
 
carollowAuthor Commented:
ajvel,

the access list is not successful on the serial interface, i can still telnet the router from the internet.

carol
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now