08-18-2004 07:32 AM - edited 07-04-2021 09:54 AM
My ip filter is configured as follows:
Default Action: Block All
Destination Address: 0.0.0.0 Mask: 0.0.0.0
Source Address: 192.168.1.31 Mask: 0.0.0.0
Action: Forward
I apply this to the FastEthernet port (Incoming and Outgoing)
When I do that I lose connectivity to the ethernet port with my laptop. My laptop is set to 192.168.1.31
I'm following the book step by step. I had no problem setting up a MAC filter, which is basically done the same way.
Any help is appreciated.
Jeff
08-19-2004 11:22 AM
Jeff,
I can't quite remember the syntax to create the filters from the GUI, i'll have a look at work tomorrow...
However,
If you telnet/SSH on to your AP and do a show access-list
it should look like
access-list 101 permit host 192.168.1.31 any
int fasthethernet 0/1
access-group 101 in
access-group 101 out
which i think written in the gui should be
destination Address 0.0.0.0 Mask 255.255.255.255
Rgds
Paddy
08-20-2004 03:25 AM
Jeff,
Just checked on the AP
If you wanted to create your access-list from the web interface
destination would be 0.0.0.0 Mask: 255.255.255.255
source would be 192.168.1.31 Mask: 0.0.0.0
Rgds
Paddy
08-23-2004 12:42 PM
Paddy,
Thanks for your response.
It works if I only apply the filter to inbound packets. If I apply the filter to outbound packets then my laptop is locked out.
What is the purpose of applying filters to outbound packets?
Thanks
Jeff
08-25-2004 05:46 AM
Hi Jeff
If you apply the access-list inbound to your AP, you are permitting IP from your laptop IP to anywhere inbound TO the AP
If you apply the access-list outbound from the AP you are permitting any IP from your laptop IP to talk to anywhere outbound FROM the AP.
This will block connections to your AP, as the return packets from the AP will not be sourced from your Laptop IP, they will be sourced from the IP address of the AP.
The following however would work..
access-list 101 permit host 192.168.1.31 any
access-list 102 permit any host 192.168.1.31
int fasthethernet 0/1
access-group 101 in
access-group 102 out
This is where an inbound and outbound access list could be used.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide