cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2185
Views
3
Helpful
11
Replies

One Way Communication - ACL

SnarkyPrime
Level 1
Level 1

Hello
I tried to do an ACL, but it did not really work, so i want to ask for your help guys.
My idea was an one way communication. I wanted the PC3 (blue) to be a supervisor pc, which can access to every other pc, but nobody can (gain?) access to PC3.
I tried this: 
access-list 100 deny ip any host *blue pc IP-address*
access-list 100 permit ip host *blue pc IP-address* any
but it did not work

1 Accepted Solution

Accepted Solutions

access-list 100 permit icmp any host *ip address* echo-reply 
access-list 100 deny icmp any host *ip address* echo

this make only echo-reply accept and echo deny 

View solution in original post

11 Replies 11

Hi

 Where did you applied the ACL ?  Can you share you project?  zip it first. 

i applied everywhere, to test it, but only one at the time, i dont know where should i apply, because these are sub-interfaces

allow only the ping-reply from any to PC3 
this make all PC can reply tp ping from PC3 but can not ping PC3
make the ACL of ping-reply direction IN <<- apply it to router. 

how can i do that?
access-list 100 deny icmp any host *ip address* echo? 

access-list 100 permit icmp any host *ip address* echo-reply 
access-list 100 deny icmp any host *ip address* echo

this make only echo-reply accept and echo deny 

thank you, and where should i apply the acl if there are only sub interfaces?

but are all host in same subnet ?

SnarkyPrime_0-1682359297042.png

this is how it looks like 
the supervisor pc is in the 0/0.30

then apply the ACL direction IN under the subinteface f0/0.10 and f0/0.20

it works, thank you very much!

You are so so welcome