×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ACL commands

Unanswered Question
Apr 23rd, 2003
User Badges:

I have a Pix 515e with 3 inter faces.


outside 206.135.121.3

inside 10.0.14.3

dmz 192.168.10.254


I would like to give a remote host 216.102.151.102 access to a server on the inside 10.0.102.5 using range 16151 -16241.


What are the commands I need to input for this to work?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vikrantarora Wed, 04/23/2003 - 13:58
User Badges:

Please follow these steps:


Step 1. Write the access list allowing tcp traffic. public_ip_assigned_to_server should be one of the IP's given by your ISP.


access-list acl_out permit tcp host 216.102.151.102 host public_ip_assigned_to_server range 16151 16241


Step 2. Apply the access-list to the incoming traffic on the outside interface


access-group acl_out in interface outside


Step 3. Inbound access is denied by default, so put in a static after defining an access list as done in Step 1 above.


static (inside,outside) public_ip_assigned_to_server 10.0.102.5 netmask 255.255.255.255


This should be all. Hope it works!


vik

Actions

This Discussion