Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1001
Views
0
Helpful
4
Replies

Configuring ip filter on Aironet 1200

jeffreyduclos
Level 1
Level 1

‎08-18-2004 07:32 AM - edited ‎07-04-2021 09:54 AM

My ip filter is configured as follows:

Default Action: Block All

Destination Address: 0.0.0.0 Mask: 0.0.0.0

Source Address: 192.168.1.31 Mask: 0.0.0.0

Action: Forward

I apply this to the FastEthernet port (Incoming and Outgoing)

When I do that I lose connectivity to the ethernet port with my laptop. My laptop is set to 192.168.1.31

I'm following the book step by step. I had no problem setting up a MAC filter, which is basically done the same way.

Any help is appreciated.

Jeff

Labels:
0 Helpful
4 Replies 4

paddyxdoyle
Level 6
Level 6

‎08-19-2004 11:22 AM

Jeff,

I can't quite remember the syntax to create the filters from the GUI, i'll have a look at work tomorrow...

However,

If you telnet/SSH on to your AP and do a show access-list

it should look like

access-list 101 permit host 192.168.1.31 any

int fasthethernet 0/1

access-group 101 in

access-group 101 out

which i think written in the gui should be

destination Address 0.0.0.0 Mask 255.255.255.255

Rgds

Paddy

0 Helpful

paddyxdoyle
Level 6
Level 6
In response to paddyxdoyle

‎08-20-2004 03:25 AM

Jeff,

Just checked on the AP

If you wanted to create your access-list from the web interface

destination would be 0.0.0.0 Mask: 255.255.255.255

source would be 192.168.1.31 Mask: 0.0.0.0

Rgds

Paddy

0 Helpful

jeffreyduclos
Level 1
Level 1
In response to paddyxdoyle

‎08-23-2004 12:42 PM

Paddy,

Thanks for your response.

It works if I only apply the filter to inbound packets. If I apply the filter to outbound packets then my laptop is locked out.

What is the purpose of applying filters to outbound packets?

Thanks

Jeff

0 Helpful

paddyxdoyle
Level 6
Level 6
In response to jeffreyduclos

‎08-25-2004 05:46 AM

Hi Jeff

If you apply the access-list inbound to your AP, you are permitting IP from your laptop IP to anywhere inbound TO the AP

If you apply the access-list outbound from the AP you are permitting any IP from your laptop IP to talk to anywhere outbound FROM the AP.

This will block connections to your AP, as the return packets from the AP will not be sourced from your Laptop IP, they will be sourced from the IP address of the AP.

The following however would work..

access-list 101 permit host 192.168.1.31 any

access-list 102 permit any host 192.168.1.31

int fasthethernet 0/1

access-group 101 in

access-group 102 out

This is where an inbound and outbound access list could be used.

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card