Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1547
Views
0
Helpful
4
Replies

Packet Tracer- Extended ACL

YoungieIT
Level 1
Level 1

‎03-28-2020 03:53 AM - edited ‎03-28-2020 03:53 AM

Hello guys, this is my first time using this forum, I dont know if It is the right place to ask but I hope so.

 

Im currently doing a 10 points project at school, and I need help with something. 

 

I have inserted a file with includes the photo.

In the photo you will see two networks 192.168.30.0, and 192.168.50.0

What I need to do is to prevent the whole network of 192.168.30.0, from accessing the computers at 192.168.50.0. but they should be able to access the server. How do I make it happen? I tried doing access-list [NUM] deny tcp 192.168.50.0 0.0.0.255 192.168.30.0 0.0.0.255 eq 80 (Which is on

Labels:
Tikshuv .jpg
Preview file
265 KB
0 Helpful
4 Replies 4

Georg Pauwen
VIP
VIP

‎03-28-2020 04:26 AM

Hello,

 

the picture does not show what IP address the server has. Let's say it is 192.168.50.100. If you want network 192.168.30.0/24 to just access this server and nothing else, you need to have a statement that permits access to that server:

 

access-list 101 permit 192.168.30.0 0.0.0.255 host 192.168.50.100

 

The implicit 'deny' will allow only access to the server, everything else is denied.

 

Actually, post the (zipped) .pkt Packet Tracer project file

0 Helpful

YoungieIT
Level 1
Level 1
In response to Georg Pauwen

‎03-28-2020 04:38 AM - edited ‎03-28-2020 04:45 AM

There is a couple servers, I want the network (which is the destination) 192.168.30.0 to be able to connect them, the net id of the source is 192.168.50.0 but it doesn't include only servers. it also includes computers. I will rather not post the file. 

I tried doing 

access-list 100 deny tcp 192.168.50.0 0.0.0.255 192.168.30.0 0.0.0.255 

and then allow only access for servers, for exampe: access-list 100 deny permit tcp 192.168.50.0 0.0.0.255 192.168.30.0 0.0.0.255 eq 80, It still didn't work.

I just started doing ACL's a week ago so it might be difficult for me to understand. but the network that is including both servers nand computers is located above to the right. The Router next to the server is the one im configuring my ACL at.

 

 

Thanks again

0 Helpful

omz
VIP Alumni
VIP Alumni

‎03-28-2020 04:32 AM

Hi 

where are you configuring the acl? device, interface, and direction?

Have a look at this document - there are good examples.

HTH

0 Helpful

YoungieIT
Level 1
Level 1
In response to omz

‎03-28-2020 04:39 AM

The ACL List In configured at the source of 192.168.50.0- which is the router next to it.

 

0 Helpful
Related community topics
Customers Also Viewed These Support Documents
Top