12-02-2010 08:26 AM - edited 03-06-2019 02:19 PM
I have a Catalyst 3750 switch acting as a core switch. I want to configure an access list on the switch to allow only specific ports to be accessible and deny all others.
Here is my access list
access-list 100 permit tcp any host 192.168.20.20 eq 25
access-list 100 permit tcp any host 192.168.20.20 eq 110
access-list 100 permit udp any host 192.168.20.20 eq 53
access-list 100 permit tcp any host 192.168.30.100 eq 80
access-list 100 permit tcp any host 192.168.30.30 eq 445
access-list 100 permit ip any host 192.168.10.10
access-list 100 deny ip any any log
When I apply this list to the VLANs incoming, there is no Internet access for that VLAN's clients.
192.168.10.10 is connected to the ISP, and configured as default route on the core switch.
How can I accomplish this without breaking the internet access?
Thanks
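A first-match walk through access list 100 from the question, as an added example that is not part of the original thread. It assumes the list is applied inbound on a client VLAN interface and that each entry is compared with the destination address in the packet's own IP header; the sample packets and the 203.0.113.x / 198.51.100.x addresses are constructed.

```python
import ipaddress

# ACL 100 from the question as (action, protocol, destination, dst_port).
# The source is "any" in every entry; the last entry is the catch-all deny.
ACL_100 = [
    ("permit", "tcp", "192.168.20.20", 25),
    ("permit", "tcp", "192.168.20.20", 110),
    ("permit", "udp", "192.168.20.20", 53),
    ("permit", "tcp", "192.168.30.100", 80),
    ("permit", "tcp", "192.168.30.30", 445),
    ("permit", "ip", "192.168.10.10", None),
    ("deny", "ip", "any", None),
]

def entry_matches(entry, proto, dst, dport):
    """True if one ACL entry matches the packet's protocol, destination and port."""
    _, e_proto, e_dst, e_port = entry
    if e_proto != "ip" and e_proto != proto:       # "ip" matches any IP protocol
        return False
    if e_dst != "any" and ipaddress.ip_address(e_dst) != ipaddress.ip_address(dst):
        return False
    if e_port is not None and e_port != dport:     # port test only on "eq" entries
        return False
    return True

def evaluate(acl, proto, dst, dport=None):
    """Return (action, entry_number) of the first match; implicit deny if none."""
    for number, entry in enumerate(acl, 1):
        if entry_matches(entry, proto, dst, dport):
            return entry[0], number
    return "deny", None

# Constructed sample packets from a client in the filtered VLAN.
SAMPLES = [
    ("tcp", "192.168.20.20", 25),     # internal mail server
    ("tcp", "192.168.30.100", 80),    # internal web server
    ("icmp", "192.168.10.10", None),  # packet addressed to the gateway itself
    ("tcp", "203.0.113.80", 80),      # web server on the Internet
    ("udp", "198.51.100.53", 53),     # DNS server on the Internet
]

def run():
    """Evaluate every sample packet and return (proto, dst, port, action, entry)."""
    return [(p, d, port, *evaluate(ACL_100, p, d, port)) for p, d, port in SAMPLES]

if __name__ == "__main__":
    for row in run():
        print(row)
```

Entry 6 matches only packets whose destination is 192.168.10.10 itself; a packet routed through that next hop still carries the remote Internet address as its destination, so it falls through to the final deny.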
12-02-2010 09:04 AM
Hello Ismail,
Can you share the topology and also please clarify which part of the topology those IPs belong to?
Regards
Mahesh
12-02-2010 10:37 AM
This is what the network looks like