Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

access lists and natting

if im natting my web server say from 172.19.1.4 to say 212.24.45.67 external, on the access list that only permits external http traffic to connect to the server, do I permit it to the external address or the internal address ?

thanks

2 REPLIES
New Member

Re: access lists and natting

HI,

On the ethernet interface connecting to the servers, if configure this access list, it should work fine.

int f0/0

description " Connected to the Server "

ip access-group 110 out

access-list 110 deny tcp any 172.19.1.4 0.0.0.0 neq 80

access-list 110 permit ip any any

Hope this works. Rate all the posts.

Re: access lists and natting

Hello Carl, still having problems with NAT issues, right?

The answer really depends on wher are you configuring this ACL, inside interface or outside interface?

So, I believe you are asking about ACL to be configured on the outside interface right?

So, you should use the ACL for the IP 212.24.45.67

if not, i.e if you are configuring this ACL on the inside interface then the configurations on the other port will suffice.

Hope this helps,

btw, never seen a rate from you!

Vlad

157
Views
4
Helpful
2
Replies
CreatePlease to create content