I have a PC in a lobby open to public that I wish to allow access to the internet only, but I want to be able to remote control the PC from another office if necessary. I want to allow all other PCs at this location unrestricted access to the network.
The PC is IP 192.168.31.250 255.255.255.0, on the 192.168.31.0 network segment. The switch is a 2950 and the router is a 1751.
I cant to limit it at the switch, is it possible?
Ive come up the following ACL
access-list 101 permit tcp host 172.16.31.250 any eq 443
access-list 101 permit tcp host 172.16.31.250 any eq www
access-list 101 permit tcp host 172.16.31.250 any eq domain
access-list 101 permit tcp host 172.16.31.250 any established
access-list 101 deny tcp host 172.16.31.250 any
access-list 101 deny icmp host 172.16.31.250 any
access-list 101 permit tcp any any
Applied in on the Ethernet port of the router.
It does not do what I hoped, what am I doing wrong?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...