Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Extended ACL for Two Hosts in DMZ

I need an extended acl for two hosts (192.168.51.1 and 192.168.51.2) connected to a 2950, which is connected to G0/1 on my router (see attachment). I want local hosts on 192.168.50.0/24 and hosts from the internet to access these servers. I know there's a lot of other stuff that I need to configure (ie. ports, destination hosts address), but this is just to start me off. Thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Extended ACL for Two Hosts in DMZ

David

It's not entirely clear whay you want. If you simply want an acl that allows all IP from Internet and internal to those hosts then

access-list 101 permit ip any host 192.168.51.1

access-list 101 permit ip any host 192.168.51.2

int gi0/1

ip access-group 101 out

Note you don't need to have the LAN address ie. 192.168.50.0/24 because you have to use a source address of any because of the Internet addresses.

Jon

1 REPLY
Hall of Fame Super Blue

Re: Extended ACL for Two Hosts in DMZ

David

It's not entirely clear whay you want. If you simply want an acl that allows all IP from Internet and internal to those hosts then

access-list 101 permit ip any host 192.168.51.1

access-list 101 permit ip any host 192.168.51.2

int gi0/1

ip access-group 101 out

Note you don't need to have the LAN address ie. 192.168.50.0/24 because you have to use a source address of any because of the Internet addresses.

Jon

100
Views
0
Helpful
1
Replies