
Access List??

londint
Level 1

We need to give an untrusted network access to only one server. They will not give us access to configure an access list on their router so we have to do it from our end.

Will configuring an extended access list like

ip access-list 101 permit 192.178.0.0 0.0.255.255 host 172.240.1.10

and configured on all our MSFCs and then applied to the VLAN that the server is on work? But then will this not deny all other networks on the 172.x.x.x network? How do I go about doing this successfully?

We do not want the network 192.178.0.0 going anywhere else but to 172.240.1.10.

Thanks

1 Reply

mfaust
Level 1

It sounds as though your best bet is to apply the access list to the interface that faces the untrusted network. Let in only traffic destined for 172.240.1.10 and deny anything else. All other traffic will be dropped at the ingress port. By the way, this is a better approach than putting the access list on their router. You want to be in control of your security!!!
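An added example, not written by either poster: a small Python model of first-match ACL evaluation with wildcard masks and the implicit deny, comparing the two placements discussed in the thread. The ACL line is the thread's addresses in IOS numbered extended-ACL syntax; the server VLAN subnet `172.240.1.0/24` and the test hosts are assumptions made for the example.

```python
import ipaddress
# Constructed ACL text: the thread's addresses in IOS numbered extended-ACL syntax.
ACL_101 = "access-list 101 permit ip 192.178.0.0 0.0.255.255 host 172.240.1.10"
UNTRUSTED = ipaddress.ip_network("192.178.0.0/16")
SERVER_VLAN = ipaddress.ip_network("172.240.1.0/24")  # assumed subnet, not in the thread

def _addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines into ordered rules."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
            raise ValueError(f"unsupported line: {line!r}")
        rest = tokens[4:]
        rules.append((tokens[2], _addr(rest), _addr(rest)))
    return rules

def _match(ip, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # wildcard bit set means "don't care"
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)

def evaluate(rules, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, s, d in rules:
        if _match(src, s) and _match(dst, d):
            return action
    return "deny"

def server_vlan_out(src, dst):
    """ACL outbound on the server VLAN: filters only packets routed into that VLAN."""
    if ipaddress.ip_address(dst) not in SERVER_VLAN:
        return "permit"  # never crosses this interface, so the ACL is not consulted
    return evaluate(parse_acl(ACL_101), src, dst)

def untrusted_in(src, dst):
    """ACL inbound on the untrusted-facing interface: filters only what arrives there."""
    if ipaddress.ip_address(src) not in UNTRUSTED:
        return "permit"  # internal traffic never enters through this interface
    return evaluate(parse_acl(ACL_101), src, dst)
```

With the same single permit entry, `server_vlan_out` blocks internal hosts from the server and leaves the untrusted network free to reach other subnets, while `untrusted_in` confines the untrusted network to 172.240.1.10 without touching internal traffic.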
