Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access from one subnet to another

Hello,

I have a router. I connected 3 port so I have 3 subnets:

192.168.0.0/24 Fa0, 192.168.1.0/24 Fa1, and 192.168.2.0/24 Fa2

Now, I need to do:

Subnet 192.168.1.0 is the most secure so nobody should access it, except one host from 192.168.2.0 subnet(192.168.2.10), but users from 192.168.1.0 should access both 0.0 and 2.0 subnets.

Subnets 192.168.0.0 and 192.168.2.0 should access each otherwith no restriction.

I have configured this:

access-list 100 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 100 permit ip any any

int fast 1

access-group 100 out

but in this way if users from 192.168.1.0 try to access the other 2 subnet, the return trafic will match the access list 100 so subnet 192.168.1.0 is not able to access them.

Can u give me a solution please?

Thank U!

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: Access from one subnet to another

I assume int fast 1 is 192.168.1.x?

access-list 100 permit tcp any 192.168.1.0 0.0.0.255 established

access-list 100 permit ip 192.168.2.10 0.0.0.0 192.168.1.0 0.0.0.255

int fast 1

access-group 100 out

6 REPLIES
Green

Re: Access from one subnet to another

I assume int fast 1 is 192.168.1.x?

access-list 100 permit tcp any 192.168.1.0 0.0.0.255 established

access-list 100 permit ip 192.168.2.10 0.0.0.0 192.168.1.0 0.0.0.255

int fast 1

access-group 100 out

New Member

Re: Access from one subnet to another

yes, you assumed right and it is working

thanks a lot

New Member

Re: Access from one subnet to another

What kind of router do you have?

New Member

Re: Access from one subnet to another

cisco 1812

New Member

Re: Access from one subnet to another

Thanks.

How do you define 3 subnets using this router?

Do you need to do VLAN?

New Member

Re: Access from one subnet to another

yes...it is a little more complicated.

the subnets are connected via a switch HP with VLANS and I have access-list on every every subnet IN direction...but I was intrested in the problem with returning traffic (if u read my firs message)

307
Views
0
Helpful
6
Replies