Hi guys i need some help. Still new to cisco and learning. I have configured local area network with ISP. Everything is working. All hosts in my LAN can contact the "google" web server behind ISP with its public ip address. I created an ACL to block or to not translate the 192.168.1.0 /27 network when going out to the "internet" or when contacting the web server but the hosts can still contact the server. I dont know what i am doing wrong in the creating the ACL if i have to apply it to the subinterface or the main router which is connected to the ISP.
Accepted Solutions
Hi @Tuff ,
Try these configurations in your bordear router:
In the configured networks I kept the Sales network to perform ACL operation tests
In ACL deny-Sales, deny the Sales network and allow all others.
Then, you should only apply this ACL to the two internal interfaces
Regards
PD:
I think you are missing some configurations:
-You must apply the NAT to the inetrfaces of your border router:
Interface to ISP: ip nat outside
Internal Inetrfaces: ip nat inside
-The default route must be propagated by the RIP protocol (the one you are using) using the command: default-information originate.
If you still have doubts, you could compress your exercise (median winzip, for example) and attach it.
Hi @Tuff ,
Try these configurations in your bordear router:
In the configured networks I kept the Sales network to perform ACL operation tests
In ACL deny-Sales, deny the Sales network and allow all others.
Then, you should only apply this ACL to the two internal interfaces
Regards
PD:
I think you are missing some configurations:
-You must apply the NAT to the inetrfaces of your border router:
Interface to ISP: ip nat outside
Internal Inetrfaces: ip nat inside
-The default route must be propagated by the RIP protocol (the one you are using) using the command: default-information originate.
If you still have doubts, you could compress your exercise (median winzip, for example) and attach it.
