03-15-2004 04:38 AM - edited 03-02-2019 02:16 PM
Can someone tell me how to setup the ability to only allow a certain network to access one IP address.
I have a Cisco 3640 with two ethernet interfaces. I want the network on ethernet 2 (10.30.30.0) to only be able to access one IP address on ethernet 1 (10.20.20.20) via telnet.
It is running IOS 12.0(7).
Thanks,
Scott
03-15-2004 05:39 AM
try
first
ip access-list 101 permit tcp 10.30.30.0 255.255.255.0 host 10.20.20.20 255.255.255.0 eq telnet
ip access-list 101 permit ip any any
then
int yourEthernet1
ip access-group 101 in
03-15-2004 08:24 AM
Hi,
create access-list
access-list 101 permit 10.30.30.0 0.0.0.255 host 10.20.20.20 eq 21 ! permit telnet
access-list 101 deny ip 10.30.30.0 0.0.0.255 10.20.20.0 0.0.0.255 ! deny all other from 10.30.30.0
access-list 101 permit ip any any ! permit all for the rest
int eth1
access-group 101 out
jh
03-15-2004 08:26 AM
sorry, typo: must be ... eq 23
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide