Solved: Re: One Way Communication - ACL

SnarkyPrime · ‎04-24-2023

Hello
I tried to do an ACL, but it did not really work, so i want to ask for your help guys.
My idea was an one way communication. I wanted the PC3 (blue) to be a supervisor pc, which can access to every other pc, but nobody can (gain?) access to PC3.
I tried this:
access-list 100 deny ip any host *blue pc IP-address*
access-list 100 permit ip host *blue pc IP-address* any
but it did not work

MHM Cisco World · ‎04-24-2023

access-list 100 permit icmp any host *ip address* echo-reply
access-list 100 deny icmp any host *ip address* echo

this make only echo-reply accept and echo deny

View solution in original post

Flavio Miranda · ‎04-24-2023

Hi

Where did you applied the ACL ? Can you share you project? zip it first.

SnarkyPrime · ‎04-24-2023

i applied everywhere, to test it, but only one at the time, i dont know where should i apply, because these are sub-interfaces

MHM Cisco World · ‎04-24-2023

allow only the ping-reply from any to PC3
this make all PC can reply tp ping from PC3 but can not ping PC3
make the ACL of ping-reply direction IN <<- apply it to router.

SnarkyPrime · ‎04-24-2023

how can i do that?
access-list 100 deny icmp any host *ip address* echo?

MHM Cisco World · ‎04-24-2023

access-list 100 permit icmp any host *ip address* echo-reply
access-list 100 deny icmp any host *ip address* echo

this make only echo-reply accept and echo deny

SnarkyPrime · ‎04-24-2023

thank you, and where should i apply the acl if there are only sub interfaces?

MHM Cisco World · ‎04-24-2023

but are all host in same subnet ?

SnarkyPrime · ‎04-24-2023

this is how it looks like
the supervisor pc is in the 0/0.30

MHM Cisco World · ‎04-24-2023

then apply the ACL direction IN under the subinteface f0/0.10 and f0/0.20

SnarkyPrime · ‎04-24-2023

it works, thank you very much!

MHM Cisco World · ‎04-24-2023

You are so so welcome