Cisco Community
English
Register
Their endless contributions help thousands around the globe. Meet the new Cisco VIP 2022 Class! LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
188
Views
0
Helpful
0
Replies
newbie_08
Beginner
Beginner
‎11-10-2021 06:31 AM
‎11-10-2021 06:31 AM

Object-group Access control list

Hi there,

 I need to implement ACL in router using object group method. The scenario is host(1.1.1.1) send images to 3 servers ( 2.2.2.2,3.3.3.3, 4.4.4.4) via tcp port 3320,104,2104 and the host retrieve data from the server via same port.

Appreciate your advise on this on how to implement.Please advice below config are correct

object-group network ACL_device
description device
host 1.1.1.1
!
object-group service server_Port
description Service Port
tcp eq 3320
tcp eq 104
tcp eq 2104
!

object-group network ACL_server
description server
host 2.2.2.2
host 3.3.3.3
host 4.4.4.4
! 

ip access-list extended ACL_XX
remark device to send data to server
permit object-group ACL_device object-group server_Port object-group ACL_server
remark device to retrive data from server
permit object-group ACL_server object-group server_Port object-group ACL_device
!
int Po1
ip access-group ACL_XX in 
ip access-group ACL_XX out
 

 

Labels:
0 Helpful
0 REPLIES 0
Latest Contents
Cisco Champion 2022 applications now open
Created by Amilee San Juan on 01-26-2022 05:43 PM
0
0
0
0
This is the sign you have been waiting for. It's the year you apply to become a Cisco Champion. As a Cisco Champion, you’ll: Get early insights into new Cisco products and solutions  Receive access to Cisco’s engineering rock stars Expand your ... view more
The Network. Powering Hybrid Work.
Created by Kelli Glass on 01-25-2022 03:22 PM
0
0
0
0
Discover how your network can power hybrid work with no compromise in security, agility, or experience. Join us on Wednesday, February 23 at 10:00 AM PT / 1:00 PM ET for insights on innovations in Wi-Fi 6E, private 5G and more. Hear from our panel of cus... view more
Cisco Champion Radio: S9|E3 Powering the World of Esports
Created by Amilee San Juan on 01-25-2022 02:53 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E3Follow us: https://twitter.com/CiscoChampion  Esports is booming and Cisco is taking a front seat in the future of Esports in a big way. Game publishers, professional teams, tournament organizers and venue owners ar... view more
Cisco IOS-XE Cupertino 17.7.1: What’s New in Enterprise Swit...
Created by Raj Kumar Goli on 01-19-2022 04:05 PM
2
0
2
0
Cisco recently announced the availability of the IOS-XE train – IOS-XE Cupertino 17.7.1. This is a standard maintenance release supporting switching, wireless, SP-Access, Routing as well as IoT (Internet of things) platforms with a sustaining support life... view more
OSPF NSSA Area Type In depth Exploration
Created by meddane on 01-18-2022 04:51 AM
0
0
0
0
 Basic configuration of all routers: R1:ipv uni!interface Loopback0 ipv6 address 1::1/64!interface FastEthernet0/0 ipv6 address 12::1/64 ipv6 ospf 1 area 0!interface FastEthernet0/1 ipv6 address 13::1/64 ipv6 ospf 1 area... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad