Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
2
Replies

Access-list revisited quesion?

Carlton Patterson
Level 1
Level 1

‎12-17-2012 04:54 PM - edited ‎03-04-2019 06:26 PM

Hello community

I have created a simple access-list to deny traffic from a single host 10.0.0.1 to my pc connected to router r4 with ip address 192.168.1.2. The ip address on the pc is 192.168.1.1

After creating the access list all traffic is unable to access 192.168.1.1 via 192.168.1.2

Can someone please explain why?

Attached is the topology and config

Cheers

Labels:
140077-00-48-51--R4(127.0.0.1).txt.zip
140076-00-48-44--R3(127.0.0.1).txt.zip
140074-00-48-29--R1(127.0.0.1).txt.zip
75 KB
140075-00-48-37--R2(127.0.0.1).txt.zip
0 Helpful
2 Replies 2

Elton Babcock
Level 1
Level 1

‎12-17-2012 06:14 PM

Can you post the ACL?

Remember when you create and access list you have an implicit deny any any at the end even if you didn't add it. This means you also need some sort of permit statement within your ACL to allow the traffic you want.

Also think of how you are applying the ACL to the interface. Whether you apply it inbound or outbound matters how you create your ACL.



Sent from Cisco Technical Support iPhone App

0 Helpful

kcnajaf
Level 7
Level 7

‎12-17-2012 06:25 PM

Hi Carlton,

Modify you config as below on R4

access-list 102 remark test from R1

access-list 102 deny ip host 192.168.1.1 host 10.0.0.1

access-list 102 permit ip any any

And apply this to router interface where pc is connected IN bound direction

as below

interface FastEthernet0/1

ip access-group 102 in

Hope this helps.

Regards

Najaf

Please rate when applicable or helpful !!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card