you need the keyword established- but also don't forget to permit the
necessary traffic through the interface. Don't need the deny any any- it is
implicit anyway
-----Original Message-----
From: Jianfeng Wang [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 11, 2000 9:59 AM
To: [EMAIL PROTECTED]
Subject: Access list
Hi all,
I have a router that has 2 ether interface - 0 and 1. 0 connect to
outside and 1 to inside.
I set up an access list like below:
access-list 101 deny any any
interface Ethernet0
ip access-group 101 in
I expect that will only allow applications like web browser initiate
connection from inside but not outside. However, I find both end failed
browse through the router. Should I add something like "access-list 101
permit any eq www any" to allow www traffic from ether1 to ether0?
Any advice is appreciated.
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]