cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
407
Views
0
Helpful
1
Replies

Inbound ACL & Inpsect changed in 12.4T

swaro2000
Level 1
Level 1

I have inbound ACL & an inspect command on my internet interface. Since migrating to 12.4(24)T I can no longer access the web & FTP servers. My current workaround was remove ACL 101. This worked fine in earlier IOS versions. How can I limit inbound www & FTP traffic to only 60.x.x.x?

!

interface Dialer0

description *** Internet ***

ip address negotiated

ip access-group 101 in

ip inspect FW_CBAC out

!

ip nat inside source list 100 interface Dialer0 overload

ip nat inside source static tcp 172.16.100.1 21 interface Dialer0 21

ip nat inside source static tcp 172.16.100.1 80 interface Dialer0 80

!

access-list 101 remark *** Inbound Internet traffic ***

access-list 101 permit ip 60.x.x.x 0.0.0.31 any

1 Reply 1

smalkeric
Level 6
Level 6

I think you can configure ACL to allow WWW and FTP traffic to your internal network

http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfip.html#wp1109098

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: