Ext ACL

alaeldien

Hello,

I want to configure an extended ACL on the router to block any incoming packets from the Internet, i.e. only ports like FTP and SFTP must be opened for inbound and outbound communication. Can anyone help with this issue?

Thanks


srimural

Hi,

Configure an access-list allowing whatever you require. Configure access-group in and out.

Thanks and Regards,

Srinath Muralidharan

Cable&Wireless

Hello Srinath,

Thank you for your immediate response. Could you possibly give sample configs assuming the same case?

Thank you

Hi,

!
! "sftp" is not an IOS port keyword, so the SFTP port given below (115) is written numerically
ip access-list extended BLOCK-IN
 permit tcp any any eq ftp
 permit tcp any any eq 115
!
ip access-list extended BLOCK-OUT
 permit tcp any any eq ftp
 permit tcp any any eq 115
!
!
interface x/y
 ip access-group BLOCK-IN in
 ip access-group BLOCK-OUT out
!

This is just a sample and needs to be modified.

You can even add security by specifying the host IP, I mean the FTP or SFTP server. The port number of SFTP is TCP 115 and for FTP it is TCP 20 and 21.

Thanks and Regards,

Srinath Muralidharan

Cable&Wireless

+91 99809 30364
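The sample above matches only on destination port, so reply packets (whose source port is the service port) fall through to the implicit deny in the opposite direction. The following is an added example, not part of the original thread, narrowed to the case of a server behind the router. Assumptions: 192.0.2.10 is a constructed server address, GigabitEthernet0/0 is the Internet-facing interface, SFTP means the SSH file transfer subsystem on TCP 22 (substitute 115 if the server really speaks Simple File Transfer Protocol), and the server's passive FTP range is pinned to 50000-50100.

```cisco
! Added example with constructed values: server 192.0.2.10, passive range 50000-50100
ip access-list extended INTERNET-IN
 remark Internet clients reaching the server: FTP control, SFTP over SSH
 permit tcp any host 192.0.2.10 eq ftp
 permit tcp any host 192.0.2.10 eq 22
 remark Passive-mode FTP data connections opened by the client
 permit tcp any host 192.0.2.10 range 50000 50100
 remark Client ACKs on active-mode data connections the server opened from port 20
 permit tcp any host 192.0.2.10 eq ftp-data established
 remark Make the implicit deny explicit so drops are counted and logged
 deny ip any any log
!
ip access-list extended INTERNET-OUT
 remark Server replies on the control, SFTP and passive data ports
 permit tcp host 192.0.2.10 eq ftp any established
 permit tcp host 192.0.2.10 eq 22 any established
 permit tcp host 192.0.2.10 range 50000 50100 any established
 remark Active-mode FTP data connections the server opens from port 20
 permit tcp host 192.0.2.10 eq ftp-data any
 deny ip any any log
!
interface GigabitEthernet0/0
 ip access-group INTERNET-IN in
 ip access-group INTERNET-OUT out
```

The `established` keyword only checks for the ACK or RST bit, so it is a stateless approximation of "reply traffic". Inside clients connecting out to FTP servers need their own entries, and their data channels are better handled by stateful inspection than by static ACL lines.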
