Solved

Access Control list to setup firewall internal to our network

Posted on 2006-10-19
6
255 Views
Last Modified: 2013-11-16
We have a Police Department network which accesses services such as email, internet, file sharing/printing from the City Hall network.  I want to setup a firewall in such a way that the Police Department can access everything on the City Hall network.  I want nobody except the servers at City Hall be able to talk to servers at Police Department.

The Police Department is connected to City Hall using a fiber trunk.

The Police Department network is 172.22.0.0 and there gateway interface to City hall is 172.22.9.1

The City Hall network is 10.0.0.0 network.

Any help with a sample access list will greatly help.
0
Comment
Question by:rwcstaff
6 Comments
 
LVL 1

Accepted Solution

by:
Sean64 earned 125 total points
ID: 17770601
Here's a simple ACL (assuming all servers reside on 10.255.x.x subnetwork.
It would be helpfull to know what the subnet masks are at each site, as well as what type of firewall you're using to provide a better answer.

PERMIT 10.255.0.0 255.255.0.0 172.22.0.0 255.255.0.0
DENY ALL

0
 
LVL 3

Assisted Solution

by:tang_tzuchi
tang_tzuchi earned 125 total points
ID: 17771138
Hi,

Beside the ACL provided by Sean64, you can add another statement for all traffic Police Department to City Hall network:

PERMIT 172.22.0.0 255.255.0.0 10.0.0.0 255.0.0.0
PERMIT 10.255.0.0 255.255.0.0 172.22.0.0 255.255.0.0
DENY ALL
0
 

Author Comment

by:rwcstaff
ID: 17775025
Thanks Sean64 and Tang tzuchi.  Sean64, you had a question about the subnet mask on both sides.  It is 255.255.0.0.  Having said that will the ACL you are suggesting still valid.  Thanks.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now