Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, I/m having problems getting an access-list to work.With the access-group 104 in i lose my internet connectivity.Here's the config. If i remove the access-group 104 in from the gigabitinterface0/0 all works but I want to have the settings on th...
Ok :the dhcp was the following problem :access-list 104 permit udp any any eq bootpcNow the int 0/0 gets an ip after a reboot of the router.Also i put the : ip inspect FW inip inspect FW outon int 0/0 0/1 and 0/1.1Changed the acl 102 and acl 103 to ...
Ok i will try this today.Last questions1) Can you provide me a rule for the acl 102 that allows the subnet 172.17.1.0 to only http, https inside --> outside2) Can you provide me a rule for a local server to only allow smtp3) The NAT rules for thisT...
Hello,I applied the rules and that works.Only thing i have now.Reboot router.Interface 0/0 gets no dhcp address from isp.I have to remove the 104 in from int 0/0Then Router logs : %DHCP -6 - ADDRESS_ASSIGN: Interface GigabitEthernet0/0 assigned DHCP...
Hello Maykol,The purpose of the acl 104 is to restrict the public interface to allow monitoring from for example the temp object network group to the router.Idea is to filter public internet --> public router.As you mentioned already when the acl 10...
