Solved

ACL brought down network

Posted on 2011-09-12
3
499 Views
Last Modified: 2012-05-12
I just applied an ACL to an interface and it brought down my entire network.

I am trying to block RDP from inside my network to a server also inside my network. So I did...

access-list 113 deny   tcp 10.0.0.0 0.255.255.255 host 10.127.10.7 eq 3389
access-list 113 deny   udp 10.0.0.0 0.255.255.255 host 10.127.10.7 eq 3389

Applied it to the VLAN:

IP access-group 113 in

and boom....no more network.

Thoughts?
0
Comment
Question by:AHEC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 350 total points
ID: 36524529
add

permit ip any any to the bottom of the acl.
0
 
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 150 total points
ID: 36524725
Soulja already gave you the fix ...

Generally, Cisco access lists imply a "deny any any" on an access list as soon as a single line is present ...  this can bite you quickly if you try to recreate an access list without removing it from the interfaces first ...
0
 
LVL 1

Author Closing Comment

by:AHEC
ID: 36524990
Thanks guys...stupid mistake.

won't forget that one.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question