05-01-2013 06:16 PM - edited 03-04-2019 07:47 PM
I have a host in my network that I would like to allow to reach all local resources, but only one public IP address. I have been reading about access lists but I am getting confused with the "source wildcard bits". For the sake of this example, I want the host to be able to access 10.0.0.0/8 and a single public IP address of 8.8.8.8. Can someone please show me the config for this?
I do not want my host to be able to reach any other IP addresses.
Thank you very much in advance!
05-01-2013 08:24 PM
ip access-list extended <any_name or number between 100 and 199>
 permit ip host x.x.x.x 10.0.0.0 0.255.255.255
 permit ip host x.x.x.x host 8.8.8.8
 deny ip any any log
We need to apply this ACL for it to take effect.
For example, if Fa0/1 is the LAN interface, then:
int fa0/1
 ip access-group <acl_name or number between 100 and 199> in
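How the wildcard bits in the ACL above are evaluated, as an added example that is not part of the original posts: a small Python model of first-match extended ACL matching. The host address 10.1.1.50 stands in for x.x.x.x and is an assumption, as are all function names.

```python
import ipaddress

def ip_int(s):
    return int(ipaddress.IPv4Address(s))

def wildcard_for_prefix(prefix_len):
    # A wildcard mask is the bitwise inverse of the subnet mask.
    return str(ipaddress.IPv4Address((1 << (32 - prefix_len)) - 1))

def parse_addr(tokens):
    # Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard).
    head = tokens.pop(0)
    if head == "any":
        return 0, 0xFFFFFFFF              # every bit is "don't care"
    if head == "host":
        return ip_int(tokens.pop(0)), 0   # every bit must match
    return ip_int(head), ip_int(tokens.pop(0))

def parse_acl(text):
    entries = []
    for line in text.strip().splitlines():
        tokens = line.split()
        action, proto = tokens.pop(0), tokens.pop(0)
        if proto != "ip":
            raise ValueError("this model only handles 'ip' entries")
        src = parse_addr(tokens)
        dst = parse_addr(tokens)          # a trailing 'log' keyword is ignored
        entries.append((action, src, dst))
    return entries

def matches(addr, spec):
    base, wildcard = spec
    # Wildcard bit 0: must equal the base address. Wildcard bit 1: ignored.
    return ((ip_int(addr) ^ base) & ~wildcard & 0xFFFFFFFF) == 0

def evaluate(entries, src, dst):
    # Entries are checked top-down; the first match decides.
    for action, s, d in entries:
        if matches(src, s) and matches(dst, d):
            return action
    return "deny"                         # implicit deny ending every ACL

# Constructed sample: the ACL from the answer with 10.1.1.50 as the host.
ACL = """
permit ip host 10.1.1.50 10.0.0.0 0.255.255.255
permit ip host 10.1.1.50 host 8.8.8.8
deny ip any any log
"""
ENTRIES = parse_acl(ACL)
```

`evaluate(ENTRIES, "10.1.1.50", "8.8.4.4")` returns `"deny"`, and so does any packet from another source address entering the same interface, because it falls through to the final deny entry.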
05-07-2013 03:05 AM
This worked. I ended up changing the ACL a bit, but yours did work.
Thank you!