Cisco Support Community

New Member

ACL isn't working

The ACL applied to the Group-Async1 interface isn't working.

I need to filter the traffic that isn't encrypted and that points to the 192.168.10.11 IP address (Loopback 0).

This is the configuration:

interface Loopback0
 ip address 192.168.10.11 255.255.255.0

interface Group-Async1
 ip unnumbered Loopback0
 ip access-group 101 in
 ip nat inside
 encapsulation ppp
 ip tcp header-compression
 no logging event link-status
 async mode interactive
 peer default ip address pool ippool
 ppp max-bad-auth 3
 ppp callback accept
 ppp authentication chap pap ppp_users
 group-range 33 48
 crypto map empleado

access-list 101 permit esp 192.168.10.0 0.0.0.31 host 192.168.10.11
access-list 101 permit udp 192.168.10.0 0.0.0.31 host 192.168.10.11 eq isakmp
access-list 101 permit ip 192.168.2.0 0.0.0.31 11.0.0.0 0.255.255.255
access-list 101 deny ip any host 192.168.10.11

Note that I use NAT inside on the Group-Async1 interface.

The router is a Cisco 2612; the version is 12.2(6r).

Thanks in advance.

2 REPLIES
New Member

Re: ACL isn't working

Which protocol are you using for authentication? If it's AH, I don't see a permit statement corresponding to it.

New Member

Re: ACL isn't working

I am using ESP for all.

I establish the connection OK. The problem is that I can't filter the traffic pointing to Loopback 0. For example, I need to filter Telnet requests to this interface.

Thanks.
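Editor's added example (not part of any post in this thread, and not Cisco code): a first-match evaluation of access-list 101 as posted in the question, run over constructed packets including the Telnet case from the last reply. The function names are hypothetical, `eq isakmp` is taken as UDP port 500, and the sketch checks ACL logic only; it does not model how IOS orders crypto map, NAT and ACL processing on the interface.

```python
# Added example: first-match evaluation of access-list 101 from the question.
import ipaddress

def wild_match(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

ANY = ("0.0.0.0", "255.255.255.255")

def host(ip):
    return (ip, "0.0.0.0")

# (action, protocol, source, destination, destination port or None)
ACL_101 = [
    ("permit", "esp", ("192.168.10.0", "0.0.0.31"), host("192.168.10.11"), None),
    ("permit", "udp", ("192.168.10.0", "0.0.0.31"), host("192.168.10.11"), 500),
    ("permit", "ip", ("192.168.2.0", "0.0.0.31"), ("11.0.0.0", "0.255.255.255"), None),
    ("deny", "ip", ANY, host("192.168.10.11"), None),
]

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, 1-based entry number); entry 0 is the implicit deny."""
    for n, (action, p, s, d, port) in enumerate(acl, start=1):
        if p != "ip" and p != proto:
            continue  # "ip" matches every IP protocol
        if not wild_match(src, *s) or not wild_match(dst, *d):
            continue
        if port is not None and port != dport:
            continue
        return action, n
    return "deny", 0

# Constructed sample packets: (protocol, source, destination, destination port)
SAMPLES = [
    ("esp", "192.168.10.5", "192.168.10.11", None),
    ("udp", "192.168.10.5", "192.168.10.11", 500),
    ("tcp", "192.168.10.5", "192.168.10.11", 23),     # Telnet to Loopback0
    ("esp", "192.168.10.40", "192.168.10.11", None),  # source outside .0-.31
    ("tcp", "192.168.2.9", "11.1.2.3", 80),
    ("tcp", "192.168.10.5", "10.0.0.1", 23),          # no entry matches
]

if __name__ == "__main__":
    for proto, src, dst, dport in SAMPLES:
        print(proto, src, "->", dst, dport, evaluate(ACL_101, proto, src, dst, dport))
```

Taken on its own, the list denies clear-text Telnet to 192.168.10.11 at entry 4, and the 0.0.0.31 wildcard admits ESP and ISAKMP only from sources .0 through .31.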
