acl´s

oss5 · ‎11-12-2001

Hi I have a little trouble with some acl´s a have NAT on a router 1750 , well I want to avoid that anybody could do telnet or ftp to my network and the same from inside to outside

i have a network 172.16.10.0 that translate to 204.1.1.0 somebody could help me

thanks

russrice · ‎11-13-2001

Online examples to review

http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/1195_pp.htm

http://www.cisco.com/warp/public/556/index.shtml

http://www.cisco.com/warp/public/793/ios_fw/cbac4.html

Russell Rice

twiggles · ‎12-06-2001

If your home net is on a 172.x.x.x net being nated to a 204.x.x.x net, then no one can initiate contact with any machines on your home network. That's just not how TCP/IP and NAT work. The exceptions to this are 1. someone cracks your router and 2. you explicitly set up the router to proxy incoming ftp, telnet, whatever sessions to an inside box.