10-16-2008 06:28 AM - edited 03-03-2019 11:57 PM
hi
i am new to networking
could some one tell me how to open port 80 in the router to access web interface server 20.31.12.54(using EXTENDED ACCESS LIST)
Thanks
Adhi
Solved! Go to Solution.
10-16-2008 08:08 AM
Oh, and you could use any number before your acl statement:
1 permit tcp ...
10 permit tcp ...
Just as long as you are before the 240. I noticed that you had two 20 lines (not sure how that was possible :-) Usually will throw an error that the number exists.
--John
10-16-2008 06:47 AM
There are different "flavors" of extended ACLs, for instance both named and unnamed. There's also the question where the ACL will be applied which can determine whether you look at source or destination addresses and/or ports. Within a named ACL, you might have a statement that looks like this:
permit tcp host 20.31.12.54 eq http any
or
permit tcp any host 20.31.12.54 eq http
If you can provide additional information about the existing ACL that is blocking access, I or others might be able provide better information.
10-16-2008 06:58 AM
Hi
how abt the below one
permit tcp host 20.31.12.54 any eq 80
10-16-2008 07:03 AM
hI PLEASE find the existing ACL, i need to add web server to this exisitng
Extended IP access list BACKU
20 permit tcp 20.187.147.64 0.0.0.63 host 20.1.39.125 eq 2598 (1331 matches)
20 permit tcp 20.187.147.64 0.0.0.63 host 20.1.39.125 eq 1494 (6 matches)
30 permit tcp 20.187.147.64 0.0.0.63 host 20.1.248.39 eq 3389 (6 matches)
40 permit tcp 20.187.147.64 0.0.0.63 host 20.1.248.39 eq 1494
50 permit tcp 20.187.147.64 0.0.0.63 host 20.1.38.39 eq 2598 (4220 matches)
60 permit tcp 20.187.147.64 0.0.0.63 host 20.1.38.39 eq 1494 (60 matches)
65 permit tcp 20.187.147.64 0.0.0.63 host 20.1.37.76 eq 1494 (90 matches)
70 permit ip 20.187.77.160 0.0.0.15 any (4270711 matches)
80 permit tcp 192.24.3.232 0.0.0.7 any eq 8080
90 permit tcp host 192.24.3.202 any eq 8080
200 permit tcp host 192.24.3.204 any eq 8080
120 permit tcp host 192.24.3.208 any eq 8080
120 permit tcp host 192.24.3.50 any eq 8080
130 deny tcp any any eq 8080 (1225 matches)
140 deny tcp any any eq ftp-data
150 deny tcp any any eq ftp
160 deny tcp any any eq 445 (9 matches)
170 permit ip 192.24.3.0 0.0.0.255 any (52041 matches)
180 permit ip 192.24.4.0 0.0.0.255 any (21920 matches)
190 permit ip 20.253.200.0 0.0.0.255 any (7479 matches)
200 permit ip 20.200.1.8 0.0.0.3 any (18 matches)
220 permit ip 20.1.0.0 0.0.255.255 any
220 permit tcp host 20.18.12.14 eq tacacs any
230 permit tcp host 20.192.9.45 eq tacacs any
240 deny ip any any log (21 matches)
10-16-2008 08:06 AM
Do this:
25 permit tcp any host 20.31.12.54 eq 80
This will allow anyone access to the 20.31.12.54 address on port 80.
You have to put in the number to insert it in your access list, otherwise it will come in after your last deny statement and you'll never allow anyone in.
--John
10-16-2008 08:08 AM
Oh, and you could use any number before your acl statement:
1 permit tcp ...
10 permit tcp ...
Just as long as you are before the 240. I noticed that you had two 20 lines (not sure how that was possible :-) Usually will throw an error that the number exists.
--John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide