Hi Laren.I don't understand

laren_lrb · ‎01-06-2015

We have 2 IP camera in the computer room and we would like to use an acl to control http access to the individual IP addresses and only leave the access through the server. The server is on port 21. The Cameras are on an unmanaged switch hooked to the Server. They set it up that way because we have a third camera which is hooked in with coax and is not an IP camera

Server X.X.4.113
IP1 X.X.4.114
IP2 X.X.4.115

I created ACL's and applied it to the interface. I did one at a time and also tried them separate

access-list 101 permit ip X.X.4.17 0.0.0.0 X.X.4.113 0.0.0.0
access-list 101 permit tcp X.X.4.17 0.0.0.0 X.X.4.113 0.0.0.0

I used 4.113 because it is the access to the server. Certain users use a program on the server to access the cameras.

I can have 4.114 or 4.115 and It stops access from everyone for everything on that port. The server is still connect and works fine because of it direct connection to the cameras

It is finding the ACL and since there is no match it does a implicit deny.

1. I could use some help on this and 2. How can I log this and find out what is happening?

Thanks All

Laren

Vinh Phan Le Tien · ‎01-06-2015

Hi Laren.

I don't understand what you need to do.

Could you please give us more details.

For example:

Only IP A can access to IP B.

All IP can access to IP C

. . .

Vinh Phan

laren_lrb · ‎01-07-2015

IP A Camera Server

IP B Camera 1 port 80

IP C Camera 2 port 80

I want to block everyone from accessing IP A, IP B and IP C but a few people; They will need to access the server to see the cameras instead of the cameras directly. I need to have IP B and IP C open to them as well.

At this time anyone can type the IP address of a camera in the web browser and see it.

Thanks

Laren

Access Control List to block IP cameras