Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACL Help

I have a 1600

here are the acl's

access-list 10 permit 192.168.10.0 0.0.0.255

access-list 10 permit 192.168.1.0 0.0.0.255

access-list 100 permit ip any host 192.168.1.1

access-list 100 permit ip any host 192.168.1.199

access-list 100 permit ip any 192.168.100.0 0.0.0.255

access-list 100 deny ip any 192.168.1.0 0.0.0.255

access-list 100 permit ip any any

Hi we blocked all traffic going to the 1.x subnet acepct for .1.1 and 1.199

1.1 is our pix that does the nating

we need to open the 1.x sub for 2 computers in the 10.x net

would the acl go somthing like this ??

access-list 100 permit ip 192.168.10.63 192.168.1.0 0.0.0.255

??

Thanks again

Bill

1 REPLY
Hall of Fame Super Blue

Re: ACL Help

Bill

Yes although you will need to reenter the access-list as if you add

access-list 100 permit ip 192.168.10.63 192.168.1.0 0.0.0.255

it will appear after the

access-list 100 deny ip any 192.168.1.0 0.0.0.255

One other thing, your new acl lines should include the "host" keyword ie.

access-list 100 permit ip 192.168.10.63 192.168.1.0 0.0.0.255

should be

access-list 100 permit ip host 192.168.10.63 192.168.1.0 0.0.0.255

Jon

105
Views
0
Helpful
1
Replies
CreatePlease to create content