how to configure the access list for my cisco 2600 router
Posted on 2006-04-19
Can any one advise me how should I configure the accesslist, and to tie to which interface, based on the case below :-
a 2600 with serial0 (connected to internet), fastethernet (Connected to local network)
S0 :- 100.100.100.2 /255.255.255.252
F0 :- 192.168.50.154 /255.255.255.0 (NAT-ed)
1. 184.108.40.206 <---> 192.168.50.2 (Web server)
2. 220.127.116.11 <----> 192.168.50.3 (FTP server)
3. 18.104.22.168 <----> 192.168.50.4 (DNS server)
4. 22.214.171.124 (NAT Pool) - Local users access internet using this ip address.
for the above mentioned (1) to (3), how should I configure the access-list, such that Internet users can only
access the web server restricted via port 80 ,
access the FTP server restricted via port 21,
access the DNS server restricted via port 51.
other then the the 3 ports for the 3 server mentioned above, the rest of the ports of 1- 65535, to be closed from
accessing by intenet users.