12-02-2010 08:26 AM - edited 03-06-2019 02:19 PM
I have a Catalyst 3750 switch acting as a core switch. I want to configure an access list on the switch to allow only specific ports to be accessible and deny all others.
Here is my access list
access-list 100 permit tcp any host 192.168.20.20 eq 25
access-list 100 permit tcp any host 192.168.20.20 eq 110
access-list 100 permit udp any host 192.168.20.20 eq 53
access-list 100 permit tcp any host 192.168.30.100 eq 80
access-list 100 permit tcp any host 192.168.30.30 eq 445
access-list 100 permit ip any host 192.168.10.10
access-list 100 deny ip any any log
When I apply this list to the VLANs incoming, there is no internet access for that VLAN's clients.
192.168.10.10 is connected to the ISP, and configured as default route on the core switch.
How can I accomplish this without breaking the internet access?
Thanks
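Added example, not part of the original post: a small Python model of first-match evaluation over the access list above, run against constructed packets. It shows which entry each packet hits; the parser handles only the syntax used in this list, and 203.0.113.10 is a documentation address assumed here to stand in for an Internet web server.

```python
import ipaddress

# ACL from the question; the last entry is written with the "ip" keyword.
ACL = """\
access-list 100 permit tcp any host 192.168.20.20 eq 25
access-list 100 permit tcp any host 192.168.20.20 eq 110
access-list 100 permit udp any host 192.168.20.20 eq 53
access-list 100 permit tcp any host 192.168.30.100 eq 80
access-list 100 permit tcp any host 192.168.30.30 eq 445
access-list 100 permit ip any host 192.168.10.10
access-list 100 deny ip any any log
"""

def parse(text):
    """Parse the subset of extended-ACL syntax used above (source is always 'any')."""
    rules = []
    for line in text.strip().splitlines():
        action, proto, src, *rest = line.split()[2:]   # drop "access-list 100"
        if src != "any":
            raise ValueError("only 'any' sources are handled: " + line)
        if rest[0] == "host":
            dst, rest = ipaddress.ip_address(rest[1]), rest[2:]
        else:                                          # destination "any"
            dst, rest = None, rest[1:]
        port = int(rest[1]) if rest[:1] == ["eq"] else None
        rules.append((action, proto, dst, port, line))
    return rules

def evaluate(rules, proto, dst, dport=None):
    """Return (action, matching entry); first match wins, implicit deny at the end."""
    dst = ipaddress.ip_address(dst)
    for action, r_proto, r_dst, r_port, line in rules:
        if r_proto != "ip" and r_proto != proto:
            continue
        if r_dst is not None and r_dst != dst:
            continue
        if r_port is not None and r_port != dport:
            continue
        return action, line
    return "deny", "(implicit deny)"

RULES = parse(ACL)

if __name__ == "__main__":
    # Constructed packets from a VLAN client.
    for proto, dst, dport in [("tcp", "192.168.20.20", 25), ("udp", "192.168.20.20", 53),
                              ("icmp", "192.168.10.10", None), ("tcp", "203.0.113.10", 80)]:
        action, line = evaluate(RULES, proto, dst, dport)
        print(f"{proto:4} -> {dst}:{dport}  {action:6} by: {line}")
```

A packet bound for the Internet keeps the Internet host as its destination address while it is routed via 192.168.10.10, so the `permit ip any host 192.168.10.10` entry does not match it and it falls through to the final deny.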
12-02-2010 09:04 AM
Hello Ismail,
Can you share the topology and also please clarify which part of the topology those IPs belong to?
Regards
Mahesh
12-02-2010 10:37 AM
This is what the network looks like