Solved

Access List

Posted on 2002-07-14
3
197 Views
Last Modified: 2012-05-04
Hi,

I have a customer running public IP on the 2 interfaces (eth & Serial). Now he wants to implement the access list on the router which only allows 1 IP to access the router from internal LAN and none from the outside.

I am just wondering should i apply the access list in the serial also ?

Please give me saome examples.

Thanks.
0
Comment
Question by:carollow
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Expert Comment

by:st_steve
ID: 7153040
If you apply the access list to the serial interface as well, you will block off  all access to the router from outside, wouldn't you? I mean is that what you want? You're blocking outside access to Ethernet interface, which is fine. But I don't think you should apply the access lists to the serial interface, or there will be no outside communications then, unless you have another interface set up.

Maybe I'm reading the question wrong.
0
 
LVL 1

Accepted Solution

by:
ajvel earned 50 total points
ID: 7153601
hi carallow,

It is very much possible. Pls try the below example.

To be Applied to Serial Interface
access-list 101 deny tcp 0.0.0.0 0.0.0.0 host {Serial Interface IP} eq telnet
access-list 101 permit any any

interface serialX
 ip access-group 101 in



To be Applied to Ethernet Inetface

access-list 102 permit tcp host {Monitoring Systems IP} host {Ethernet Interface IP} eq telnet
access-list 102 deny tcp 0.0.0.0 0.0.0.0 host {Ethernet Interface IP} eq telnet
access-list 102 permit any any

interface ethernetx
 ip access-group 102 in

Thanks
ajvel
0
 

Author Comment

by:carollow
ID: 7182000
ajvel,

the access list is not successful on the serial interface, i can still telnet the router from the internet.

carol
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem to router 7 84
Receiving wifi on an underground station 22 130
EIGRP Bandwidth 9 43
Upgrading from Sonicwall Tz210 6 37
It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question