extended ACL

lakhwaraa
Level 1

I have the following ACLs on my router. I want to ping remote location 202.165.40.65 with port 443 but I am unable to do so. The remote location will only allow traffic from my IP (119.65.22.32 and port 443). All other ports are blocked at the remote location. Currently I am receiving traffic from 119.65.22.32 on ports 476, 475, 531, 532, etc. but not from 443.

Any help?

My IP address: 119.65.22.32

Remote IP address: 202.165.40.65

 

1. ip access-list extended GigabitEthernet0/1 (this is my interface with IP 119.65.22.32)

This ACL has no entries, but I still put in these entries:

permit tcp host 202.165.40.65 any eq 443
permit tcp host 202.165.40.65 any eq 443

permit udp host 202.165.40.65 any eq 443
permit udp host 202.165.40.65 any eq 443

2. ip access-list extended NAT-OUT-IN

ip nat outside source list NAT-OUT-IN pool POOL-OUT-IN

ip nat pool POOL-OUT-IN 10.10.0.0 10.10.255.255 prefix-length 16

This ACL does not have anything to do with the remote IP.

3. ip access-list extended firewall 

This ACL was empty, but I still put these entries in it:

permit tcp host 202.165.40.65 any eq 443
permit tcp host 202.165.40.65 any eq 443

permit udp host 202.165.40.65 any eq 443
permit udp host 202.165.40.65 any eq 443

4. ip access-list extended mynat 

This ACL is for my LAN computers.

What should I do? How do I ping the remote location with port 443 and get a positive response? I am not blocking anything.

 

 

15 Replies

No.

Did you check the configuration?