02-25-2006 02:56 PM - edited 03-03-2019 02:00 AM
Hi all
I have taken a look at my access list for my internet, basically it lets everything out, what will be permitting the traffic from the web back to my browser, I cant see any established connections in the access list, so what would be needed to be let in for simple web
thanks all
02-26-2006 09:28 PM
did you apply the ACL to the incoming interface, i mean where the internet traffic enters to your router.
this will be probably your serial interface connected to your ISP .
for example if you want to allow only web for established connections from inside, use the following
-----------
Internet
any
-------------------------
|
|
Ser0/0|
+-----------+
| |
+-----------+
Eth0/0|
|
-------------------------
Office
1.1.9.0
access-list 101 - Applied to traffic leaving the office (outgoing)
access-list 102 - Applied to traffic entering the office (incoming)
int ser0/0 (assuming this where you connect to ISP)
access-group 101 out
access-group 102 in
access-list 101 permit tcp 1.1.9.0 0.0.0.255 any eq 80
access-list 101 permit tcp 1.1.9.0 0.0.0.255 any eq 443
access-list 102 permit tcp any 1.1.9.0 0.0.0.255 established
--------------
if this is not the one you r looking for, let me know
02-27-2006 02:22 AM
Hi, thanks for the reply, my question was more that the access lists are already in place, they were created by my router, but I cant see any lists with the established command on there, would it just be permitting anything to my port 80 incoming ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: