11-14-2007 09:37 AM - edited 03-05-2019 07:25 PM
Hello All:
I really am not that good at access and need to restrict all traffic to 10.0.5.x network with the exception of 5 pc's who need full access.
I know you create access-list whatever but I get a little confused about in out etc.
Can anyone provide me with a direction on this or a resource to use. Thanks in advance
Solved! Go to Solution.
11-14-2007 12:07 PM
Hi
Just in case it is still not clear.
Assuming 5 pc's are 192.168.5.1 -> 192.168.5.5
access-list 101 permit ip host 192.168.5.1 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.2 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.3 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.4 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.5 10.0.5.0 0.0.0.255
access-list 101 deny ip any 10.0.5.0 0.0.0.255
Then on the interface that connects to the 10.0.5.x network
int fa0/0
ip access-group 101 out
The above config will stop all traffic going onto the 10.0.5.x network from any other subnets with the exception of the 5 pc's.
HTH
Jon
11-14-2007 09:50 AM
11-14-2007 12:07 PM
Hi
Just in case it is still not clear.
Assuming 5 pc's are 192.168.5.1 -> 192.168.5.5
access-list 101 permit ip host 192.168.5.1 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.2 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.3 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.4 10.0.5.0 0.0.0.255
access-list 101 permit ip host 192.168.5.5 10.0.5.0 0.0.0.255
access-list 101 deny ip any 10.0.5.0 0.0.0.255
Then on the interface that connects to the 10.0.5.x network
int fa0/0
ip access-group 101 out
The above config will stop all traffic going onto the 10.0.5.x network from any other subnets with the exception of the 5 pc's.
HTH
Jon
11-14-2007 03:51 PM
Thank you Jon - this was a big help
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: