Thanx, I'll give it a try and let you know what happened.
Howard
""Dennis"" <[EMAIL PROTECTED]> wrote in message
971ktt$1rj$[EMAIL PROTECTED]">news:971ktt$1rj$[EMAIL PROTECTED]...
> try this--
>
> access-list 101 permit tcp any host x.x.x.x eq 80
> access-list 101 permit tcp any any established
> access-list 101 deny ip any any
>
> x.x.x.x is the ip address of the webserver
>
> this will be applied to the serial interface inbound. you may also want
to
> add other rules to this list to prevent things like address spoofing and
add
> rules for other inbound connections that you may want to make like smtp or
> ftp or icmp.
>
> The earlier suggestion of permit ip any any established will not work.
>
> give it a try.
> -d
> ""Howard Yuan"" <[EMAIL PROTECTED]> wrote in message
> 96v3de$pfl$[EMAIL PROTECTED]">news:96v3de$pfl$[EMAIL PROTECTED]...
> > I think it would help if I thoroughly explain the situation.
> >
> > I have a webserver taht I want people to be able to access. Being a
> Novell
> > webserver, it has the ability to go in to change some settings on the
> > webserver. To do this, you just type in the address and add ":2200"
into
> > the end. So, I don't want people to be able to access this from the
> > outside, letting only people from the inside to be able to do this. So,
I
> > want to do this and the other situation that I talked about. Please
> advice.
> > Thanx.
> >
> > Howard
> >
> > ""Scott M. Trieste"" <[EMAIL PROTECTED]> wrote in message
> > 96v2mh$lkg$[EMAIL PROTECTED]">news:96v2mh$lkg$[EMAIL PROTECTED]...
> > > Howard,
> > >
> > > If you are trying to block all incoming traffic from the Internet,
> without
> > > inhibiting your outgoing network traffic use this command at the
> beginning
> > > of your ACL:
> > >
> > > permit ip any any established.
> > >
> > > This will allow all tcp/udp conversations through the firewall, as
long
> as
> > > they were initiated from inside your network.
> > >
> > > Regards,
> > >
> > > Scott M. Trieste
> > >
> > > ""Howard Yuan"" <[EMAIL PROTECTED]> wrote in message
> > > 96v2gr$kri$[EMAIL PROTECTED]">news:96v2gr$kri$[EMAIL PROTECTED]...
> > > > Hi,
> > > >
> > > > I'm trying to set up a firewall on my Cisco router. I'm trying to
> block
> > > > everything from the Internet except for webpage access (port 80).
> But,
> > > when
> > > > I set it up to do that, I can not surf the net without putting in
the
> > > line:
> > > >
> > > > permit ip any any
> > > >
> > > > But, doing that will allow everything to come in through the router.
> I
> > > > don't want anybody being able to come in through any port except for
> the
> > > > ones I specify. Is there anybody that know how to do that? Please
> tell
> > > me.
> > > > Thank you in advanced.
> > > >
> > > > Howard
> > > >
> > > >
> > > > _________________________________
> > > > FAQ, list archives, and subscription info:
> > > http://www.groupstudy.com/list/cisco.html
> > > > Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]
> > > >
> > >
> > >
> > > _________________________________
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
