Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACL and ip unnumbered interfaces

Hi,

Just wanted to know where do I apply my access list in the following scenario:

I have a Point-to-Point T1 on my Serial0/0 interface that goes to my ISP.

I have a Serial0/0.1 subinterface with ip unnumbered.

I have a FastEthernet0/0 that connects to my LAN.

I want to only allow telnet to my router from the Internet, i.e. access-list 101 permit tcp any any eq telnet.

My question is: where do I apply the access list? On inbound traffic at the FastEthernet interface or inbound at the Serial0/0.1 interface?

The interface config is below.

Thanks in advance.

Jericho

interface FastEthernet0/0

description To Office FastEthernet

ip address xxx.xxx.xxx.129 255.255.255.128

no ip directed-broadcast

full-duplex

no mop enabled

!

interface Serial0/0

description To ISP

no ip address

no ip directed-broadcast

encapsulation frame-relay IETF

no ip mroute-cache

bandwidth 1536

no fair-queue

frame-relay lmi-type ansi

!

interface Serial0/0.1 point-to-point

ip unnumbered FastEthernet0/0

no ip directed-broadcast

bandwidth 1536

frame-relay interface-dlci 500 IETF

1 REPLY
Cisco Employee

Re: ACL and ip unnumbered interfaces

You need to apply it under the interface serial0/0.1 point-to-point which is connected to the internet..Thx..Tejal

288
Views
0
Helpful
1
Replies