01-03-2013 02:20 AM - edited 03-07-2019 10:52 AM
Dear Experts,
I have a query . In my office we have a sql sever in LAN so peoples are able to connect to SQL server on port 1433. Now we want to deny users from accessing the Sql server in port 1433 .Same time Adminstrator shoud be abe to connect.
Thanks
Roopesh
Solved! Go to Solution.
01-03-2013 02:32 AM
Hi,
You can create simple ACL
Example:
Suppose you have users: 192.168.1.0/24 range.
SQL server located on 192.168.2.0/24 subnet.
And admin with IP address 192.168.1.100 and SQL server with 192.168.2.200.
ip access-list extended BlockSQL
permit ip host 192.168.1.100 host 192.168.2.200
deny tcp 192.168.1.0 0.0.0.255 host 192.168.2.200 eq 1433
permit ip any any
Then you need to apply it on interface
Router:
int f0/0
ip add 192.168.1.1 255.255.255.0
ip access-group BlockSQL in
This link may help you to understand.
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml
Hope it will help.
01-03-2013 02:32 AM
Hi,
You can create simple ACL
Example:
Suppose you have users: 192.168.1.0/24 range.
SQL server located on 192.168.2.0/24 subnet.
And admin with IP address 192.168.1.100 and SQL server with 192.168.2.200.
ip access-list extended BlockSQL
permit ip host 192.168.1.100 host 192.168.2.200
deny tcp 192.168.1.0 0.0.0.255 host 192.168.2.200 eq 1433
permit ip any any
Then you need to apply it on interface
Router:
int f0/0
ip add 192.168.1.1 255.255.255.0
ip access-group BlockSQL in
This link may help you to understand.
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml
Hope it will help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: