I have access lists set up for the serial side (group 100) and network side (group 101). The serial side group 100 access list uses the following:
access-list 100 permit tcp any eq ftp any connected
but this doesn't seem to prevent ftp logins on the web server (as intended), which is on the network side, from the internet, which is on the serial side.
The serial side is:interface Serial1/0
no ip address
ip access-group 100 out
This is on a Cisco 1751 router with 12.0 software.
Why doesn't it prevent incoming ftp connections?