Skip to main content

Setting Up Access List On Cisco Router

Image
By User
access-list
In this Example will open ports for need to use out of using will close it alls.
This case no have inside (internal) server.
Step for setting Up :
Router#conf t
Router(config)#access-list 100 permit tcp any any range 20 23
Router(config)#access-list 100 permit tcp any any eq 25
Router(config)#access-list 100 permit tcp any any eq 53
Router(config)#access-list 100 permit tcp any any eq 80
Router(config)#access-list 100 permit tcp any any eq 110
Router(config)#access-list 100 permit tcp any any eq 143
Router(config)#access-list 100 permit tcp any any eq 443
Router(config)#access-list 100 permit udp any any eq 53
Router(config)#access-list 100 permit udp any any eq 161
Router(config)#access-list 100 permit tcp any any eq 3306
Router(config)#access-list 100 permit icmp any any echo
Router(config)#access-list 100 deny ip any any
Router(config)#int f0
Router(config-if)#ip access-group 100 in

This case : have inside (internal server)
Server IP for this case as below :
Web Server : 202.129.49.194
FTP Server : 202.129.49.195
DNS Server : 202.129.49.196
Mail Server : 202.129.49.197
Step for Setting Up :
Router#conf t
Router(config)#access-list 100 permit tcp any any range 20 23
Router(config)#access-list 100 permit tcp any any eq 25
Router(config)#access-list 100 permit tcp any any eq 53
Router(config)#access-list 100 permit tcp any any eq 80
Router(config)#access-list 100 permit tcp any any eq 110
Router(config)#access-list 100 permit tcp any any eq 143
Router(config)#access-list 100 permit tcp any any eq 443
Router(config)#access-list 100 permit udp any any eq 53
Router(config)#access-list 100 permit udp any any eq 161
Router(config)#access-list 100 permit tcp any any eq 3306
Router(config)#access-list 100 permit icmp any any echo
Router(config)#access-list 100 permit tcp host 202.129.49.194 eq 80 any
Router(config)#access-list 100 permit tcp host 202.129.49.195 any < For FTP Server >
Router(config)#access-list 100 permit tcp host 202.129.49.196 eq 53 any < For DNS Server : tcp>
Router(config)#access-list 100 permit udp host 202.129.49.196 eq 53 any < For DNS Server : udp >
Router(config)#access-list 100 permit tcp host 202.129.49.197 eq 25 any < For SMTP>
Router(config)#access-list 100 permit tcp host 202.129.49.197 eq 110 any < For pop3>
Router(config)#access-list 100 permit tcp host 202.129.49.197 eq 143 any < For imap>
Router(config)#access-list 100 deny ip any any
Router(config)#int f0
Router(config-if)#ip access-group 100 in
Hope this topic will help you fixed out about setting up access list on cisco router
Labels:

Comments

Post a Comment

Popular posts from this blog

Slow Android emulator

By User
I have a 2.67 GHz Celeron processor, 1.21 GB of RAM on a x86 Windows XP Professional machine. My understanding is that the Android emulator should start fairly quickly on such a machine, but for me it does not. I have followed all instructions in setting up the IDE, SDKs, JDKs and such and have had some success in staring the emulator quickly but is very particulary. How can I, if possible, fix this problem?
30 comments
Read more