
ACL blocking all traffic

jorolas
Level 1

Hi all,

I have an ADSL router with a dialer WAN interface that negotiates its IP with the ISP.

I am doing NAT as well.

I have several static PATs configured for publishing some services.

I have no ACL configured other than the one on the vty line for SSH access.

I would like to control access to the PAT translations on a source-IP basis.

I am trying to do something like:

access-list 120 permit tcp host public_IP_clientA host my_public_IP eq 22

access-list 120 deny tcp any host my_public_IP eq 22

access-list 120 permit ip any any

access-list 120 permit icmp any any

With this I want client A to be the only one who can access my internal SSH service on port 22.

The point is that once I add this ACL, my router loses communication with the Internet. I have added the last two statements trying to permit all IP and ICMP traffic.

Can anyone help me? How can I allow all traffic with an ACL? Is there any way of setting up a rule like: access-list 120 permit any_protocol any any to avoid the implicit deny-all policy?

Thanks in advance,

Jorge

2 Replies

noran01
Level 3

Where are you applying this ACL? (what interface and in what direction?)

Sorry, I forgot it. WAN interface (dialer 0), inbound.

Thanks in advance.

Jorge
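
An added example, not part of the thread or any poster's configuration: a small first-match evaluator run over access-list 120 as posted in the question, showing which entry each packet hits. It models only the standard Cisco ACL rules (top-down first match, `ip` covering every IP protocol, implicit deny at the end), not NAT or the dialer interface; the addresses are constructed stand-ins for the placeholders and the function names are hypothetical.

```python
import ipaddress

# Constructed stand-ins for the thread's placeholders (RFC 5737 documentation ranges).
CLIENT_A = "198.51.100.10"   # public_IP_clientA
MY_PUBLIC = "203.0.113.5"    # my_public_IP

# access-list 120 in the order posted: (action, protocol, src, dst, dst_port)
ACL_120 = [
    ("permit", "tcp", CLIENT_A, MY_PUBLIC, 22),
    ("deny", "tcp", "any", MY_PUBLIC, 22),
    ("permit", "ip", "any", "any", None),
    ("permit", "icmp", "any", "any", None),
]

def _addr_match(rule_addr, addr):
    return rule_addr == "any" or ipaddress.ip_address(rule_addr) == ipaddress.ip_address(addr)

def _entry_match(entry, proto, src, dst, dport):
    _, r_proto, r_src, r_dst, r_port = entry
    if r_proto != "ip" and r_proto != proto:   # "ip" covers every IP protocol
        return False
    if r_port is not None and r_port != dport:
        return False
    return _addr_match(r_src, src) and _addr_match(r_dst, dst)

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, 1-based entry number); entry 0 is the implicit deny."""
    for n, entry in enumerate(acl, start=1):
        if _entry_match(entry, proto, src, dst, dport):
            return entry[0], n
    return "deny", 0

def unreachable_entries(acl, probes):
    """Entries that never win first-match for any of the given probe packets."""
    hit = {evaluate(acl, *p)[1] for p in probes}
    return [n for n in range(1, len(acl) + 1) if n not in hit]

# Constructed probe packets: (protocol, src, dst, dst_port)
PROBES = [
    ("tcp", CLIENT_A, MY_PUBLIC, 22),         # client A to SSH
    ("tcp", "192.0.2.77", MY_PUBLIC, 22),     # anyone else to SSH
    ("tcp", "192.0.2.77", MY_PUBLIC, 80),     # another published service
    ("udp", "192.0.2.53", MY_PUBLIC, 33000),  # return traffic, e.g. a DNS reply
    ("icmp", "192.0.2.77", MY_PUBLIC, None),  # ping
]

if __name__ == "__main__":
    for p in PROBES:
        print(p, "->", evaluate(ACL_120, *p))
    print("never matched:", unreachable_entries(ACL_120, PROBES))
```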
