> !
> access-list 123 permit tcp any any eq ftp
> access-list 123 permit tcp any any eq smtp
> access-list 123 permit tcp any any eq domain
> access-list 123 permit udp any any eq domain
> access-list 123 permit tcp any any eq www
> access-list 123 permit tcp any any eq 443
> access-list 123 deny tcp any any
> access-list 123 deny udp any any
> access-list 123 permit ip any any
> !
> in s0
> ip access-group 123 in
You're applying the ACLs above on serial0's INBOUND traffic? You want to
control the access of users inside your network or users outside of your
network?
BTW, you could delete the DENY TCP and DENY UDP rules since IOS puts an
implicit deny all at the end of each ACL (it doesn't appear using sh run but
it's there).
M. Yu
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
