Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ftp and http Access control list

ip access-list extended vlan10

permit tcp 172.20.10.0 0.0.0.255 host 172.20.10.2 eq ftp

permit tcp 172.20.10.0 0.0.0.255 host 172.20.20.2 eq ftp

permit tcp 172.20.10.0 0.0.0.255 any eq www

ip access-list extended vlan20

permit tcp 172.20.20.0 0.0.0.255 host 172.20.20.2 eq ftp

permit tcp 172.20.20.0 0.0.0.255 any eq www

ip access-list extended vlan30

permit tcp 172.20.30.0 0.0.0.255 any

This is how I have my access list set up to allow FTP to each vlan/departments server's and the internet, but it doesn't seem to work in packet tracer.  I'm a student working on my case study and i guess I just don't have a good grasp on ACL's yet.  Vlan 10 is personal and needs to have ftp access to the internet, its server and accounts server, vlan 20 is accounts and just needs access to its own server, and vlan 30 is the it department and needs full access accross all networks, any help would be greatly appreciated.

Everyone's tags (6)
1 REPLY
New Member

ftp and http Access control list

A little more information.  Each ACL is applied to the corresponding vlans subinterface in.  It seems to me that only the first rule in the list is working.

337
Views
0
Helpful
1
Replies
CreatePlease login to create content