Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
931
Views
0
Helpful
1
Replies

Access Control List

RDDunlap
Level 1
Level 1

‎11-13-2017 08:01 AM - edited ‎03-01-2019 06:14 PM

Hello all, Recently I have configured a standard ACL (out) and applied it to a VLAN in order to keep users from accessing this particular VLAN. The ACL works great with one accept ion, I also have a server sitting inside of the VLAN that I created the ACL for and the server is not able to access the outside internet. I can ping the outside network and devices from this server, but cannot access the internet. My ACL has an explicit deny, and the lines that I add are only to allow specific outside devices access to the VLAN. my question is: What line do I need to add to grant internet access to the server? Here is an example of my configuration:

Config t

Ip access-list standard (NAME)

Permit host 10.8.9.3

Permit host 10.8.9.85

(AND SO ON)

(Do not have to DENY, only permitted hosts will be allowed, all other traffic is automatically denied)

 

TO APPLY TO VLAN

Config t

 <w:wrap type="square">Interface vlan 4

Ip access-group (NAME) out

</w:wrap>

 

SO say that 10.8.9.3 is my server sitting inside of the VLAN that I am applying this ACL to. What needs to be done in order to grant it internet access? Thank you!

Labels:
0 Helpful
1 Reply 1

Meheretab Mengistu
Level 7
Level 7

‎11-13-2017 09:18 PM

 

Hi,

You will need to change your ACL to extended ACL. Here is a sample:

 

ip access-list extended ABC

 permit ip any host 10.8.9.3       ! Permits access from anywhere to the server 

 permit ip any host 10.8.9.85

 ...

!

int vlan4

 ip access-group ABC out

!

 

HTH,

Meheretab

HTH,
Meheretab
0 Helpful
Customers Also Viewed These Support Documents
Top