Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Access List

Posted on 2002-07-14
3
Medium Priority
?
203 Views
Last Modified: 2012-05-04
Hi,

I have a customer running public IP on the 2 interfaces (eth & Serial). Now he wants to implement the access list on the router which only allows 1 IP to access the router from internal LAN and none from the outside.

I am just wondering should i apply the access list in the serial also ?

Please give me saome examples.

Thanks.
0
Comment
Question by:carollow
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Expert Comment

by:st_steve
ID: 7153040
If you apply the access list to the serial interface as well, you will block off  all access to the router from outside, wouldn't you? I mean is that what you want? You're blocking outside access to Ethernet interface, which is fine. But I don't think you should apply the access lists to the serial interface, or there will be no outside communications then, unless you have another interface set up.

Maybe I'm reading the question wrong.
0
 
LVL 1

Accepted Solution

by:
ajvel earned 200 total points
ID: 7153601
hi carallow,

It is very much possible. Pls try the below example.

To be Applied to Serial Interface
access-list 101 deny tcp 0.0.0.0 0.0.0.0 host {Serial Interface IP} eq telnet
access-list 101 permit any any

interface serialX
 ip access-group 101 in



To be Applied to Ethernet Inetface

access-list 102 permit tcp host {Monitoring Systems IP} host {Ethernet Interface IP} eq telnet
access-list 102 deny tcp 0.0.0.0 0.0.0.0 host {Ethernet Interface IP} eq telnet
access-list 102 permit any any

interface ethernetx
 ip access-group 102 in

Thanks
ajvel
0
 

Author Comment

by:carollow
ID: 7182000
ajvel,

the access list is not successful on the serial interface, i can still telnet the router from the internet.

carol
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question