Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1704
Views
0
Helpful
13
Replies

Extended ACL

TranHoangMinhNguyen5339
Level 1
Level 1

‎08-15-2019 02:07 AM - edited ‎08-16-2019 04:03 AM

I want to allow pc51,52,53 to use all of features(ftp, ssh, telnet, ping, every features). And, I want to deny all of other computers to use any features (except DNS, Ftp, Email, ping ). I am a beginner. I have no idea how to configure it. Thanks!!!

Screen Shot 2019-08-16 at 5.52.15 PM.png

Labels:
Archive.zip
0 Helpful
13 Replies 13

Seb Rupik
VIP Alumni
VIP Alumni

‎08-15-2019 02:25 AM

Hi there,

Try the following:

!
ip access-list standard VTY-IN
  permit <HOST-51-IP>
  permit <HOST-52-IP>
  permit <HOST-53-IP>
!
vty line 0 15
  access-group VTY-IN
!

cheers,

Seb.

 

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-15-2019 02:51 AM

sorry, but did you see my program. (Host-51-IP) is the ip of the computer 51. is isn't that ?
0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to TranHoangMinhNguyen5339

‎08-15-2019 03:01 AM

Hi there,

You diagram doesn't give any IP information. Substitute <HOST-5x-IP> with the actual IP address of the relevant host.

 

cheers,

Seb.

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-15-2019 08:01 AM

I cannot type your command. I Use Cisco and can use help me to use extended ACL ? Thank you very much.
0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to TranHoangMinhNguyen5339

‎08-15-2019 08:28 AM

For an ACL used on the VTY lines you do not need an extended ACL.

 

Can you share the commands that you are typing into the CLI and the output shown?

 

cheers,

Seb.

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-16-2019 03:44 AM - edited ‎08-16-2019 04:04 AM

As a network engineer, do you know what kind of topology is the best for small business and why ? my teacher asked me about this and it really put me on the spot? thank you very much!

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-16-2019 04:02 AM

Sir, now I have a big one. I have a new problem on my post. I also attach my program. Thank you for what you have done to me.
0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to TranHoangMinhNguyen5339

‎08-16-2019 04:10 AM

I'm afraid I do not have Packet Tracer installed so cannot open your file.

If you can tell me the IP address of the three servers, then I can supply you with the correct ACL to configure on the router.

 

cheers,

Seb.

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-16-2019 04:29 AM

three servers or three pcs. do you have teamview. it would be better to use it.
0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to TranHoangMinhNguyen5339

‎08-16-2019 04:56 AM

Just the IP addresses for PC-51, PC-52, PC-53.

 

I don't use facebook so please post the details here.

 

cheers,

Seb.

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-16-2019 05:15 AM

192.168.3.20 pc-51
192.168.3.21 pc-52
192.168.3.22 pc-53
0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to TranHoangMinhNguyen5339

‎08-16-2019 06:12 AM

OK, on router7 run the following commands:

 

!
ip access-list standard VTY-IN
  permit 192.168.3.20
  permit 192.168.3.21
  permit 192.168.3.22
!
vty line 0 15
  access-group VTY-IN
!

 

 

cheers,

Seb.

0 Helpful

TranHoangMinhNguyen5339
Level 1
Level 1
In response to Seb Rupik

‎08-16-2019 04:31 AM

do you use facebook ? I can send you me team view.
0 Helpful
Customers Also Viewed These Support Documents