
Cisco extended ACL question. How do I limit access to only one host?

I have a class C. Let's call it 192.168.1.0/24. It's a live range; the non-routable range is just for example purposes.

The range is broken down into 4 subnets. 192.168.1.1/26, 192.168.1.65/26, 192.168.1.129/26, & 192.168.1.193/26. The FastEthernet port is 192.168.1.254. I have a route allowing anything going from 192.168.1.0/24 through the firewall behind the router at 192.168.1.253. I need to limit the access of one single host that is on the DMZ. It is 192.168.1.252. I tried making an extended ACL, but it interferes with the traffic for the rest of the LAN. What am I doing wrong?

access-list 110 permit tcp any host 192.168.1.252 eq 80
access-list 110 permit tcp any host 192.168.1.252 eq 443
access-list 110 permit tcp any host 192.168.1.252 eq 3389
access-list 110 permit tcp any host 192.168.1.252 eq 3306
access-list 110 permit ip any 192.168.1.0 0.0.0.255
access-list 110 deny ip any host 192.168.1.252

access-list 120 permit tcp host 192.168.1.252 any eq 25
access-list 120 permit tcp host 192.168.1.252 any eq ftp
access-list 120 permit tcp host 192.168.1.252 any eq 69
access-list 120 permit tcp host 192.168.1.252 any eq 3306
access-list 120 permit ip any 192.168.1.0 0.0.0.255
access-list 120 deny ip host 192.168.1.252 any

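How an extended ACL such as the posted access-list 110 is evaluated, as an added example that is not part of the original question: entries are checked top-down, the first match decides, and a packet that matches nothing hits the implicit deny at the end of the list. The evaluator, its function names and the sample packets (documentation addresses) are constructed for illustration, and only numeric `eq` ports are handled.

```python
import ipaddress

# ACL 110 exactly as posted in the question.
ACL_110 = """\
access-list 110 permit tcp any host 192.168.1.252 eq 80
access-list 110 permit tcp any host 192.168.1.252 eq 443
access-list 110 permit tcp any host 192.168.1.252 eq 3389
access-list 110 permit tcp any host 192.168.1.252 eq 3306
access-list 110 permit ip any 192.168.1.0 0.0.0.255
access-list 110 deny ip any host 192.168.1.252
"""

def ip(a):
    return int(ipaddress.IPv4Address(a))

def take_addr(tok):
    """Consume 'any' | 'host A' | 'A WILDCARD'; return (base, wildcard)."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return ip(tok.pop(0)), 0
    return ip(first), ip(tok.pop(0))

def parse(text):
    entries = []
    for line in text.splitlines():
        tok = line.split()[2:]          # drop "access-list <number>"
        action, proto = tok.pop(0), tok.pop(0)
        src, dst = take_addr(tok), take_addr(tok)
        port = int(tok[1]) if tok[:1] == ["eq"] else None  # numeric ports only
        entries.append((line, action, proto, src, dst, port))
    return entries

def covers(spec, addr):
    base, wildcard = spec               # wildcard bits set to 1 are "don't care"
    return (ip(addr) ^ base) & ~wildcard & 0xFFFFFFFF == 0

def evaluate(entries, proto, src, dst, dport=None):
    """Top-down, first match wins; no match falls to the implicit deny."""
    for line, action, e_proto, e_src, e_dst, e_port in entries:
        if (e_proto in ("ip", proto) and covers(e_src, src)
                and covers(e_dst, dst) and e_port in (None, dport)):
            return action, line
    return "deny", "(implicit deny)"

if __name__ == "__main__":
    acl = parse(ACL_110)
    for pkt in [("tcp", "203.0.113.9", "192.168.1.252", 22),    # constructed
                ("tcp", "192.168.1.10", "198.51.100.7", 443)]:  # constructed
        print(pkt, "->", evaluate(acl, *pkt))
```

The first sample packet (port 22 to 192.168.1.252) is permitted by `permit ip any 192.168.1.0 0.0.0.255`, so the `deny` line after it is never reached. The second, whose destination lies outside 192.168.1.0/24, matches no entry and is dropped by the implicit deny wherever the list sees such traffic.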