Solved

ACL brought down network

Posted on 2011-09-12
3
498 Views
Last Modified: 2012-05-12
I just applied an ACL to an interface and it brought down my entire network.

I am trying to block RDP from inside my network to a server also inside my network. So I did...

access-list 113 deny   tcp 10.0.0.0 0.255.255.255 host 10.127.10.7 eq 3389
access-list 113 deny   udp 10.0.0.0 0.255.255.255 host 10.127.10.7 eq 3389

Applied it to the VLAN:

IP access-group 113 in

and boom....no more network.

Thoughts?
0
Comment
Question by:AHEC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 350 total points
ID: 36524529
add

permit ip any any to the bottom of the acl.
0
 
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 150 total points
ID: 36524725
Soulja already gave you the fix ...

Generally, Cisco access lists imply a "deny any any" on an access list as soon as a single line is present ...  this can bite you quickly if you try to recreate an access list without removing it from the interfaces first ...
0
 
LVL 1

Author Closing Comment

by:AHEC
ID: 36524990
Thanks guys...stupid mistake.

won't forget that one.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall Max Connection Setting 7 41
Routing protocols 5 38
Provide internet access from one windows PC to another 16 103
Vmotion configuration 4 57
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question