access list for diff transmit/receive internet interface

Unanswered Question
Aug 25th, 2007

SCENARIO

-router transmits (internet connection) on serial0

-router receives (internet connection) on e0 (e0 is where the public ip resides)

-the private network resides on e1 subnet.


REQUIREMENT

-restrict outgoing traffic only for http and mail

-restrict incoming traffic only for ssh to host IP_1.


please ADVISE.


THANKS

Pavel Bykov Sat, 08/25/2007 - 09:03

You can use an extended ACL to define the policy the way you want.

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#extacls


But first, please clarify:

1. You only transmit ALL traffic on S0 (no input packets whatsoever) and receive on e0 (no output whatsoever)?

-or-

2. You have DATA traffic on S0 and management traffic on e0?
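
Added example, not part of Pavel Bykov's reply: a sketch of extended ACLs for the scenario in the question, assuming reading 1 above (all outbound traffic leaves via serial0, all inbound traffic arrives on e0). The subnet 198.51.100.0/24, the address standing in for IP_1, the ACL names, the DNS entries, and treating "mail" as SMTP (tcp/25) are assumptions. If NAT is in use, match addresses as they appear on the interface where each ACL is applied.

```cisco
! Added example. Constructed placeholders: 198.51.100.0/24 = private subnet on e1,
! 198.51.100.10 = host IP_1. "mail" is assumed to mean SMTP (tcp/25).
!
! Outgoing policy, checked as packets enter the router from the private subnet.
ip access-list extended LAN-OUT
 remark clients may open HTTP and SMTP sessions
 permit tcp 198.51.100.0 0.0.0.255 any eq www
 permit tcp 198.51.100.0 0.0.0.255 any eq smtp
 remark assumption: clients resolve names on external DNS servers
 permit udp 198.51.100.0 0.0.0.255 any eq domain
 remark replies from IP_1 to inbound SSH sessions
 permit tcp host 198.51.100.10 eq 22 any established
 deny ip any any log
!
! Incoming policy, checked as packets arrive on the receive interface.
ip access-list extended INET-IN
 remark new SSH sessions to IP_1 only
 permit tcp any host 198.51.100.10 eq 22
 remark replies to the HTTP and SMTP sessions opened from inside
 permit tcp any eq www 198.51.100.0 0.0.0.255 established
 permit tcp any eq smtp 198.51.100.0 0.0.0.255 established
 remark DNS replies (same assumption as above)
 permit udp any eq domain 198.51.100.0 0.0.0.255
 deny ip any any log
!
interface Ethernet1
 ip access-group LAN-OUT in
!
interface Ethernet0
 ip access-group INET-IN in
```

Plain extended ACLs are stateless, so the `established` entries (which match only TCP segments with ACK or RST set) are what let replies back through the interface opposite the one the session started on. The UDP entry cannot be tied to a request in the same way and admits any datagram with source port 53.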


