Re: Restricted access to servers using access list

M Talha · ‎10-25-2018

Dear All,

I am running some servers in my network which i want to have restricted access. I only want 8-10 specific users to have the access of these machines. i want this ip 192.168.12.30, 192.168.10.11, 192.168.11.15 to have access to the server on 192.168.11.13. Rest of the machines on subnet (192.168.8.0 - 192.168.15.0) should not access the server on 192.168.11.13. So are these statement correct ? Need help

ip access-list extended servers

permit ip host 192.168.12.30 host 192.168.11.13

permit ip host 192.168.10.11 host 192.168.11.13

permit ip host 192.168.11.15 host 192.168.11.13

deny ip any any

Deepak Kumar · ‎10-26-2018

Hi,

It is looking correct but you must be applied ACL in the correct direction.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

M Talha · ‎10-26-2018

This is the problem i am facing .. if i am applying ip access-group in or out on the LAN interface nothing happens ? Need help in this regard.

Deepak Kumar · ‎10-26-2018

Hi,

This access-list must be configured under the LAN interface (Client Faced) in the direction of IN as below:

!

interface GigabitEthernet0/0/0

description Connected to Server

ip address 192.168.11.1 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/0/1

description Connected to LAN

ip address 192.168.12.1 255.255.255.0

ip access-group server in

duplex auto

speed auto

!

ip access-list extended server

10 permit ip host 192.168.12.30 host 192.168.11.13

20 permit ip host 192.168.12.11 host 192.168.11.13

30 permit ip host 192.168.12.15 host 192.168.11.13

50 deny ip 192.168.12.0 0.0.0.255 host 192.168.11.13

100 permit ip any any

!

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!