08-23-2007 10:09 AM - edited 03-03-2019 06:27 PM
I have been trying to get ACLS working on VLANs int?s with limited success. I have version 12, advipservices ios.
The following command allows me to access 192.168.133.1 on port 25
Permit tcp any host 192.168.133.1 eq 25
The following command denies me access, the command should achieve the same???
Permit tcp host 192.168.137.55 host 192.168.133.1 eq 25
Any ideas?
Thanks
08-23-2007 10:42 AM
Neal
Perhaps I do not understand correctly your question. The first access list will allow any host to access host 192.168.133.1 on TCP port 25. The second access list will allow a specific host on 192.168.137.55 to access host 192.168.133.1 on TCP port 25. So if you are on host 192.168.137.55 then the effect of the access lists is the same. If you are not on host 192.168.137.55 then the second access list denies you access.
If there is some part of the question that I have not addressed then perhaps you can clarify the question?
HTH
Rick
08-23-2007 10:45 AM
Hi
If you are sure you are coming from 192.168.137.55 then yes it should work.
Are you absolutely sure this your source address ?
Jon
Edit - sorry Rick, cross posting
08-23-2007 10:56 AM
Besides Rick's and Jon's suggestions, and since I seem to suffer from IP address and/or IP mask dyslexia, I'll either enable ACL logging or enable debug to see what's happening.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide