Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Inbound ACL & Inpsect changed in 12.4T

I have inbound ACL & an inspect command on my internet interface. Since migrating to 12.4(24)T I can no longer access the web & FTP servers. My current workaround was remove ACL 101. This worked fine in earlier IOS versions. How can I limit inbound www & FTP traffic to only 60.x.x.x?

!

interface Dialer0

description *** Internet ***

ip address negotiated

ip access-group 101 in

ip inspect FW_CBAC out

!

ip nat inside source list 100 interface Dialer0 overload

ip nat inside source static tcp 172.16.100.1 21 interface Dialer0 21

ip nat inside source static tcp 172.16.100.1 80 interface Dialer0 80

!

access-list 101 remark *** Inbound Internet traffic ***

access-list 101 permit ip 60.x.x.x 0.0.0.31 any

1 REPLY
Silver

Re: Inbound ACL & Inpsect changed in 12.4T

I think you can configure ACL to allow WWW and FTP traffic to your internal network

http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfip.html#wp1109098

113
Views
0
Helpful
1
Replies
CreatePlease to create content