Hi

how abt the below one

permit tcp host 20.31.12.54 any eq 80

hI PLEASE find the existing ACL, i need to add web server to this exisitng

Extended IP access list BACKU

20 permit tcp 20.187.147.64 0.0.0.63 host 20.1.39.125 eq 2598 (1331 matches)

20 permit tcp 20.187.147.64 0.0.0.63 host 20.1.39.125 eq 1494 (6 matches)

30 permit tcp 20.187.147.64 0.0.0.63 host 20.1.248.39 eq 3389 (6 matches)

40 permit tcp 20.187.147.64 0.0.0.63 host 20.1.248.39 eq 1494

50 permit tcp 20.187.147.64 0.0.0.63 host 20.1.38.39 eq 2598 (4220 matches)

60 permit tcp 20.187.147.64 0.0.0.63 host 20.1.38.39 eq 1494 (60 matches)

65 permit tcp 20.187.147.64 0.0.0.63 host 20.1.37.76 eq 1494 (90 matches)

70 permit ip 20.187.77.160 0.0.0.15 any (4270711 matches)

80 permit tcp 192.24.3.232 0.0.0.7 any eq 8080

90 permit tcp host 192.24.3.202 any eq 8080

200 permit tcp host 192.24.3.204 any eq 8080

120 permit tcp host 192.24.3.208 any eq 8080

120 permit tcp host 192.24.3.50 any eq 8080

130 deny tcp any any eq 8080 (1225 matches)

140 deny tcp any any eq ftp-data

150 deny tcp any any eq ftp

160 deny tcp any any eq 445 (9 matches)

170 permit ip 192.24.3.0 0.0.0.255 any (52041 matches)

180 permit ip 192.24.4.0 0.0.0.255 any (21920 matches)

190 permit ip 20.253.200.0 0.0.0.255 any (7479 matches)

200 permit ip 20.200.1.8 0.0.0.3 any (18 matches)

220 permit ip 20.1.0.0 0.0.255.255 any

220 permit tcp host 20.18.12.14 eq tacacs any

230 permit tcp host 20.192.9.45 eq tacacs any

240 deny ip any any log (21 matches)

Do this:

25 permit tcp any host 20.31.12.54 eq 80

This will allow anyone access to the 20.31.12.54 address on port 80.

You have to put in the number to insert it in your access list, otherwise it will come in after your last deny statement and you'll never allow anyone in.

--John