Hi all, I have a new site where they want some sort of guest internet access that does not touch our lan, I have a 873 router that has a public ip address that is only been used for remote vpn into the site, however I need to now use this for internet access also,
Can anyone show me how I can do this, I simply only want to allow clients on the 10.117.202.0 subnet out to the internet, the vpn clients that need no nat are on the 10.117.198.0 network. There is also a route back to my internal network for the whole 10.0.0.0 network, I want an access list that blocks anything from the guest internet clients going to this also, would it be something like ip access-list exentended internet, permit 10.117.202.0 0.0.0.255 any ?
hope for your help
cheers
Carl
hope you can help cheers