the users at branch office(perth) cannot do FTP to a server in internet. we just want change on NAT/Rules to make it happen.
we do have head office is Sydney that this router has VPN IPsec to other branches including Melbourne, Perth, ..
we just want to fix FTP aceess for Perth users not on any other branches.
All things are router to router IPsec. from perth and sydney routers, i can ping FTP address that is (126.96.36.199) but from a client at perth, i cannot ping or telnet to that IP.
I uploaded routers configs from sydney and perth routers.
Please ask me for more picture of environment.
Thanks In Advance,
Is because we're dealing with two different concepts of ACLs here.
The ACL 160 is applied to an interface (inbound to Ethernet0), so this ACL is to permit/deny traffic).
The ACL 150 is applied to a NAT rule (you cannot remove it because you'll loose Internet).
I was asking to remove the filtering ACL which is the 160 only.
The test that I was asking was to either remove the ACL 160 or add a line like this:
access-list 160 permit ip any any
And check if everything works.