Allen,
They would all be coming through the router.
I want to allow all local hosts access and deny the rest of the
intrAnet. This is an NT 4.0 sp6a server with a backup application running
that allows host-to-server backups. The problem is for dialup and WAN hosts
it will consume all the bandwidth during the data transfer. If I can do it
at the server that would be fine (any details on how would help), I just
thought it would be easier on the router. I did notice a typo I made in the
access list, the last line should read permit ip any any (not tcp any any).
Will this work or am I missing something.
Regards,
Luke.
""Allen May"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Unless they're going through the router to get to the server an
access-list
> won't help you there. That just filters traffic passing through
interfaces.
> If it's on the same network you'll have to permit/deny at the server
itself.
> It's possible with all operating systems. What kind of server is it?
>
> ----- Original Message -----
> From: "Luke"
> To:
> Sent: Thursday, April 19, 2001 2:19 PM
> Subject: Need access list help [7:1274]
>
>
> > Have following internal local networks:
> >
> > Local Networks : 10.42.232.0 through 10.42.239.0
> > Have a host at 10.42.237.23 that I want to permit local networks
> to
> > access (TCP port 2200)
> > Want to deny access to host 10.42.237.23 for all others
> > Want to permit all other traffic any any
> >
> > In effect I just need to deny access to one host for stated port for
> > every not on the local network. What should the access-list look like,
> I'd
> > hate to club my local network.
> >
> > May current plan was to
> >
> > access-list 113 permit tcp 10.42.232.0 0.0.248.255 host
> 10.42.237.23
> > access-list 113 deny tcp any host 10.42.237.23
> > access-list 113 permit tcp any any
> > {implicit deny}
> >
> > config-int vlan 237
> > ip access-group 113 in
> >
> > But I have have the sinking feeling I am about to club all other
> > protocols. Can someone straighten me out?
> >
> > Thanks in advance.
> >
> > Luke
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1283&t=1274
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
