Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Inbound ACL break IP helper

HI

I have the config - see below

I am using ip helper to relay dhcp req's from a server to clients on another LAN. On the LAN with the clients, I need to apply an inbound ACL to limit their access to the wide area network. When I apply the ACL below, it breaks everything, and the dhcp feature stops working. I have tried this on a router, L3 switches and got the same result every time.

Has anyone had this problem b4 -

Regards

interface FastEthernet0/1.2

encapsulation dot1Q 2

ip address 172.22.20.2 255.255.255.0

ip helper-address 3.0.2.2

ip directed-broadcast

ip access-list extended Macnetwork

permit tcp 172.22.20.0 0.0.0.255 any eq ftp

permit tcp 172.22.20.0 0.0.0.255 any eq www

permit udp any any eq bootps

permit udp any any eq bootpc

deny ip any any log

2 REPLIES
Bronze

Re: Inbound ACL break IP helper

Is the traffic being logged by the last deny statement? If so, can you post the logs?

Community Member

Re: Inbound ACL break IP helper

Unfortunately, I cant post the logs because I cant break the production environment, and I havent got the filter enabled cos it broke the dhcp. If anyone has managed to get this working in the past - any thought would be greatly appreciated.

277
Views
0
Helpful
2
Replies
CreatePlease to create content