How do i restrict 40 workstatons from accessing only internet from a block

wasiutrade · ‎02-12-2009

I have a cisco router 1841 with 2FE, one to the Lan(10.100.100.65/26) and the other to the Internet(192.168.0.2/255)

I want to carry out the listed task

-To configure DHCP on 1841 router -To share internet access using the router - To restrict about 40 systems out of 50 systems from browsing the internet - All system should be able to access mail in the nearest future.

I did the configuration using PAT, DHCP and Accessing-list but all the systems are browsing here are the access list used.

access-list 120 permit tcp host 10.100.100.65 0.0.0.63 192.168.0.2 eq 80

access-list 120 permit tcp host 10.100.100.66 0.0.0.63 192.168.0.2 eq 80

access-list 120 permit tcp host 10.100.100.67 0.0.0.63 192.168.0.2 eq 80

access-list 120 deny tcp any 192.168.0.2 0.0.0.255 eq 80

access-list 120 permit ip any any (To allow other network access)

How do i restrict 40 workstatons from accessing only internet from a block size of 64 ip

Leo Laohoo · ‎02-12-2009

Errr ... Shouldn't it be like this?

access-list 120 permit tcp host 10.100.100.65 host 192.168.0.2 eq 80

access-list 120 permit tcp host 10.100.100.66 host 192.168.0.2 eq 80

access-list 120 permit tcp host 10.100.100.67 host 192.168.0.2 eq 80

access-list 120 deny tcp any host 192.168.0.2 eq 80

access-list 120 permit ip any any

Leo Laohoo · ‎02-12-2009