Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
566
Views
0
Helpful
1
Replies

How to give a PC access to the Internet and to another network ?

anthony_chedid1
Level 1
Level 1

‎04-05-2016 02:52 AM - edited ‎03-08-2019 05:13 AM

Hello, 

I've configured in my topology (attached below) an IPSec tunnel between the Firewalls which allows PC 1 and PC 3 to communicate with PC 2.

The routers R1, R3 and R4 are configured with EIGRP and the Firewall and the remaining routers are configured with static routes ( ip route 0.0.0.0 0.0.0.0 for routers and route outside 0 0 for Firewalls).

Everything works great and there are no problems in that area.

Now, I need to give only PC 3 the ability to access both the Internet and PC 2. 

How can I do that? Should I configure a route map on R1? What ACLs should I set on the Firewalls and the routers? what static route should I configure?

Thank you.

Labels:
Preview file
66 KB
0 Helpful
1 Reply 1

carlguer
Level 1
Level 1

‎04-05-2016 06:36 AM

Hello anthony_chedid1,

If you want to only give access to both Internet and the ability to send traffic across the site to site tunnel to PC 3 you can configure an access-group in the inside interface of the ASA.

This will look something like this:

access-list acl_permit_PC3 permit ip host <PC3 IP> any
access-group acl_permit_PC3 in/out interface inside 

This access-list will give access to PC3 to everything and it will deny access to any other ip to all resources except local lan.

Regards, 

- Javier - 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card