Access-list WAN interface

smartnet
Level 1

I have a question about an exception for traffic of the LAN. I have set an access-list as follows:

BVI 1

ip address dhcp (Public IP address dhcp)

ip access-list 100 in

---------------------------------

access-list 100 permit tcp any host PUB_IP eq www

If hosts now want to go to the internet from the secure LAN (connected on the Ethernet 0 interface), they cannot come back on a different port. I use NAT with an access-list permitting the secure LAN.

Can I make an exception so that all traffic from the secure LAN that is incoming on the BVI is permitted on a port higher than 1024?

Thus, a client makes a connection to a website on port 80 and the server connects back on a port higher than 1024. All other traffic from outside is not permitted.

I hope somebody can help.

1 Reply

bwalchez
Level 4

Yes, you can achieve it by writing a separate access-list permitting the appropriate ports and subnet.
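
One way to write the access list the reply describes, as an added example that is not part of the thread: it contrasts a blanket high-port permit with entries limited to return traffic. `PUB_IP` is the poster's placeholder; using `any` as the destination (because the address is assigned by DHCP) and permitting HTTPS are assumptions.

```cisco
! Added example, not the poster's configuration.
!
! Too broad: any outside host could open new connections to any
! port above 1023, so this line is shown commented out.
! access-list 100 permit tcp any any gt 1023
!
! Existing entry from the question: inbound web traffic to the public address.
access-list 100 permit tcp any host PUB_IP eq www
!
! Return traffic only: the segment must come FROM a web server port and
! carry the ACK or RST bit, which a new inbound connection (SYN only) lacks.
access-list 100 permit tcp any eq www any gt 1023 established
access-list 100 permit tcp any eq 443 any gt 1023 established
!
! The BVI gets its address by DHCP, so let the server's replies reach
! the router's DHCP client instead of being dropped by this list.
access-list 100 permit udp any eq bootps any eq bootpc
!
! Everything else from outside is refused; "log" records the hits.
access-list 100 deny ip any any log
!
interface BVI1
 ip address dhcp
 ip access-group 100 in
```

The `established` keyword only tests the ACK and RST bits, so it is a stateless check; a reflexive ACL or IOS firewall inspection tracks the sessions the LAN actually opened and is the stricter choice where it is available.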