Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
554
Views
0
Helpful
5
Replies

Access control list

Go to solution
smith606306
Level 1
Level 1

‎11-01-2012 07:36 AM - edited ‎03-07-2019 09:48 AM

       I need to set up an access list on our core switch so that one BMS server with IP address 10.123.234.1/24    can be accessed by all users on the 10.123.232.0/24  subnet.


interface Vlan370
description Meters VLAN 10.123.232.x
ip address 10.123.234.252 255.255.255.0
ip access-group METERS-IN in
no ip redirects
no ip unreachables
no ip proxy-arp


Extended IP access list METERS_IN
10 permit ip host 10.213.234.1 10.123.232.0 0.0.0.255 any

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to smith606306

‎11-01-2012 07:27 PM

Andrew

Shillings observation is correct that in an extended access list the order is source_address source_mask destination_address destination_mask. But since your access list is configured to be inbound on the VLAN where the server is located, then your original access list is correct and your revised access list would not work.

You have described what you want to achieve and you gave us a very partial config. But you do not tell us whether it is working or is not working. And you have not told us anything about the rest of the network environment.

If you want better answers from us then you need to give us more information.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
5 Replies 5

Go to solution
shillings
Level 4
Level 4

‎11-01-2012 08:13 AM

It's source address first, then destination address. Therefore, the addresses need swapping round.

0 Helpful

Go to solution
smith606306
Level 1
Level 1
In response to shillings

‎11-01-2012 09:16 AM

Extended IP access list METERS_IN

10 permit ip 10.123.232.0 0.0.0.255 host 10.213.234.1

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to smith606306

‎11-01-2012 07:27 PM

Andrew

Shillings observation is correct that in an extended access list the order is source_address source_mask destination_address destination_mask. But since your access list is configured to be inbound on the VLAN where the server is located, then your original access list is correct and your revised access list would not work.

You have described what you want to achieve and you gave us a very partial config. But you do not tell us whether it is working or is not working. And you have not told us anything about the rest of the network environment.

If you want better answers from us then you need to give us more information.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
shillings
Level 4
Level 4
In response to Richard Burts

‎11-02-2012 02:56 AM

Oops! Thanks Richard and appologies Andrew!

0 Helpful

Go to solution
smith606306
Level 1
Level 1
In response to Richard Burts

‎11-02-2012 05:55 AM

It works fine Richard.

I was just getting my source/ destinations mixed up.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card