We are trying to set up an access list to allow only DHCP and proxy (for Internet) access. The proxy access works fine, but the DHCP is giving me some trouble. We assign DHCP to multiple LANs using IP helper. I am using the following...
As inbound access list:
access-list 112 permit tcp any host 10.10.1.5 eq 8080
access-list 112 permit udp any host 10.10.1.10 eq bootps
access-list 112 permit udp any host 10.10.1.10 eq bootpc
access-list 112 deny ip any any
And as outbound access list:
access-list 113 permit tcp host 10.10.1.5 eq 8080 any
access-list 113 permit udp host 10.10.1.10 eq bootps any
access-list 113 permit udp host 10.10.1.10 eq bootpc any
access-list 113 deny ip any any
If I assign just the outbound access list, everything works fine. As soon as I apply the inbound list, DHCP does not work. I have tried debugging the access list and found no errors listed. If I apply the following line to my inbound list, it seems to be OK; however, it seems this entry somewhat defeats my security purposes:
access-list 112 permit ip host 0.0.0.0 any
Any ideas??? Thanks in advance!
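
The behaviour described in the post, as an added example that is not part of the original post: a simplified first-match evaluator (hypothetical helper names) run over constructed packets, showing why a client's initial DHCP broadcast falls through list 112 and how a narrower entry compares with `permit ip host 0.0.0.0 any`. Assumptions: list 112 is applied inbound on the client-facing interface, so it sees the broadcast as received (source 0.0.0.0 port 68, destination 255.255.255.255 port 67) before the helper relays it; the client address 10.10.20.50 and the narrower entry are illustrative.

```python
from collections import namedtuple

PORTS = {"bootps": 67, "bootpc": 68}
Packet = namedtuple("Packet", "proto src sport dst dport")

def parse_ace(line):
    """Parse the ACL subset used in the post: any | host A.B.C.D, optional eq PORT."""
    action, proto, *rest = line.split()[2:]          # drop "access-list <number>"
    def endpoint():
        addr = None if rest.pop(0) == "any" else rest.pop(0)   # None means "any"
        port = None
        if rest and rest[0] == "eq":
            rest.pop(0)
            name = rest.pop(0)
            port = PORTS.get(name) or int(name)
        return addr, port
    return (action, proto) + endpoint() + endpoint()

def evaluate(acl, pkt):
    """Return (action, matching line) using first-match semantics."""
    for line in acl:
        action, proto, src, sport, dst, dport = parse_ace(line)
        if proto not in ("ip", pkt.proto):
            continue
        if src not in (None, pkt.src) or dst not in (None, pkt.dst):
            continue
        if sport not in (None, pkt.sport) or dport not in (None, pkt.dport):
            continue
        return action, line
    return "deny", "(implicit deny at end of list)"

# Permit entries of list 112 as posted; the final deny is the implicit one.
ACL_112 = ["access-list 112 permit tcp any host 10.10.1.5 eq 8080",
           "access-list 112 permit udp any host 10.10.1.10 eq bootps",
           "access-list 112 permit udp any host 10.10.1.10 eq bootpc"]
BROAD = ACL_112 + ["access-list 112 permit ip host 0.0.0.0 any"]
# Assumption: a narrower entry matching only the client broadcast.
NARROW = ACL_112 + ["access-list 112 permit udp host 0.0.0.0 eq bootpc "
                    "host 255.255.255.255 eq bootps"]

# Constructed sample packets.
DISCOVER = Packet("udp", "0.0.0.0", 68, "255.255.255.255", 67)   # initial broadcast
RENEW = Packet("udp", "10.10.20.50", 68, "10.10.1.10", 67)       # unicast renewal
PROXY = Packet("tcp", "10.10.20.50", 40000, "10.10.1.5", 8080)
OTHER = Packet("tcp", "0.0.0.0", 40000, "10.10.1.5", 23)         # non-DHCP, src 0.0.0.0

if __name__ == "__main__":
    for name, acl in (("as posted", ACL_112), ("broad", BROAD), ("narrow", NARROW)):
        for pkt in (DISCOVER, RENEW, PROXY, OTHER):
            print(f"{name:10} {pkt} -> {evaluate(acl, pkt)[0]}")
```
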