VOIP ACL

Unanswered Question
Jun 27th, 2007
User Badges:

Hi,

Need your help with HTTPS access.

I use (https://callmanagerIP/ccmadmin) to access the web GUI of CallManager. This way I dont have to access the server via terminal then open Callamanger.


Ive applied the following on the router ACL:

permit tcp 10.70.16.0 0.0.0.255 eq 443 host 10.70.18.1

deny ip 10.70.16.0 0.0.0.255 10.70.18.0 0.0.0.255


10.70.16.x is my PC LAN and 10.70.18.x is Callmanager IP. But is still doesnt work when this is applied on the outgoing interface. When I remove the statement, it works. It seems the the deny on the bottom of the statement is taking affect and the show ip access-list counter increases when the ACL is applied and at the same time me trying to access from my PC https://callamangerIP/ccmadmin


Please help.

Thanks


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 06/28/2007 - 02:10
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Try changing your access-list to the following


permit tcp 10.70.16.0 0.0.0.255 host 10.70.18.1 eq 443

deny ip 10.70.16.0 0.0.0.255 10.70.18.0 0.0.0.255


Your access-list is saying 443 is the source port whereas 443 is the destination port on the call manager server.


HTH


Jon

Actions

This Discussion