Access List Help
03-26-2013 12:42 PM
I'm working with ip access-list extended.
I am building a new tunnel between my Cisco router and a 3rd party. They provided me a single public IP in the form: 1.1.1.1/32. With /32 on a single IP.
If I add these as: "permit ip 1.1.1.1 255.255.255.255 " is this not the same as "any"?
Doing "permit ip 1.1.1.1 [my private subnet][wildcardmask]" errors.
I want to only allow that single IP to my private subnet through the extended access-list.
Please help.
03-26-2013 02:16 PM
Hi there
1- ip access-list extended YOUR_ACL
deny ip 1.1.1.1 0.0.0.0 15.15.15.0 0.0.0.255
permit ip host 1.1.1.1 any
So, this denies the traffic from 1.1.1.1/32 to 15.15.15.0/24 and then allows any traffic from the host 1.1.1.1/32 to any.
Two different ways to define the host "1.1.1.1" in the ACL.
Further information:
HTH.
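Added example, not part of the original posts: a small Python model of how IOS evaluates wildcard masks in `permit|deny ip` entries, showing that `1.1.1.1 255.255.255.255` matches every address while `1.1.1.1 0.0.0.0` and `host 1.1.1.1` match only that one. The subnet 10.10.10.0/24 is a constructed stand-in for the private subnet, and the function names are made up for this sketch.

```python
import ipaddress

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(ip, ace_addr, wildcard):
    """IOS wildcard mask: a 0 bit must match, a 1 bit is ignored."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(ip) & care) == (_to_int(ace_addr) & care)

def prefix_to_wildcard(cidr):
    """Turn CIDR notation (as the peer supplied it) into 'address wildcard'."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return str(net.network_address), str(net.hostmask)

def parse_endpoint(tokens):
    """Consume 'any', 'host A' or 'A W' and return (address, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return "0.0.0.0", "255.255.255.255"
    if first == "host":
        return tokens.pop(0), "0.0.0.0"
    return first, tokens.pop(0)

def evaluate(acl, src, dst):
    """First matching entry wins; no match falls to the implicit deny.
    Only 'permit|deny ip <src> <dst>' entries are handled (no ports)."""
    for line in acl:
        tokens = line.split()
        action, _proto = tokens.pop(0), tokens.pop(0)
        s_addr, s_wc = parse_endpoint(tokens)
        d_addr, d_wc = parse_endpoint(tokens)
        if wildcard_match(src, s_addr, s_wc) and wildcard_match(dst, d_addr, d_wc):
            return action
    return "deny"

# The two entries from the reply above.
REPLY_ACL = ["deny ip 1.1.1.1 0.0.0.0 15.15.15.0 0.0.0.255",
             "permit ip host 1.1.1.1 any"]
# Constructed: 10.10.10.0/24 stands in for the private subnet.
ONE_HOST_ACL = ["permit ip host 1.1.1.1 10.10.10.0 0.0.0.255"]

if __name__ == "__main__":
    print(prefix_to_wildcard("1.1.1.1/32"))
    print(wildcard_match("8.8.8.8", "1.1.1.1", "255.255.255.255"))
    for src, dst in [("1.1.1.1", "15.15.15.5"), ("1.1.1.1", "8.8.8.8")]:
        print(src, dst, evaluate(REPLY_ACL, src, dst))
    print(evaluate(ONE_HOST_ACL, "2.2.2.2", "10.10.10.7"))
```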
