I have the following internal local networks:

        Local Networks : 10.42.232.0 through 10.42.239.0
        Have a host at 10.42.237.23 that I want to permit local networks to
access (TCP port 2200)
        Want to deny access to host 10.42.237.23 for all others
        Want to permit all other traffic any any

    In effect I just need to deny access to one host for the stated port for
everyone not on the local network.  What should the access-list look like? I'd
hate to club my local network.

    My current plan was to

        access-list 113 permit tcp 10.42.232.0 0.0.248.255 host 10.42.237.23
        access-list 113 deny tcp any host 10.42.237.23
        access-list 113 permit tcp any any
        {implicit deny}

        config-int vlan 237
        ip access-group 113 in

    But I have the sinking feeling I am about to club all other
protocols.  Can someone straighten me out?

    Thanks in advance.

    Luke




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1274&t=1274
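
An added example, not part of the original post: a first-match evaluator with Cisco wildcard-mask semantics, run over the posted list 113 and over a constructed alternative. The alternative list (wildcard 0.0.7.255, a match on port 2200, and a final `permit ip any any`), the helper names and the sample packets are all assumptions made for illustration.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def wc_match(addr, base, wildcard):
    """Cisco wildcard semantics: bits set in the wildcard are 'don't care'."""
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

ANY = ("0.0.0.0", "255.255.255.255")
HOST = ("10.42.237.23", "0.0.0.0")

# Entry layout: (action, protocol, source, destination, dest port or None)
POSTED = [  # list 113 exactly as written in the post
    ("permit", "tcp", ("10.42.232.0", "0.0.248.255"), HOST, None),
    ("deny",   "tcp", ANY, HOST, None),
    ("permit", "tcp", ANY, ANY, None),
]
ALTERNATIVE = [  # assumed alternative, not from the post
    ("permit", "tcp", ("10.42.232.0", "0.0.7.255"), HOST, 2200),
    ("deny",   "tcp", ANY, HOST, 2200),
    ("permit", "ip",  ANY, ANY, None),
]

def evaluate(acl, proto, src, dst, dport=None):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, p, (sb, sw), (db, dw), port in acl:
        if p != "ip" and p != proto:
            continue
        if port is not None and port != dport:
            continue
        if wc_match(src, sb, sw) and wc_match(dst, db, dw):
            return action
    return "deny (implicit)"

# Constructed sample packets: (protocol, source, destination, dest port)
PACKETS = [
    ("tcp", "10.42.232.10", "10.42.237.23", 2200),
    ("tcp", "10.42.239.10", "10.42.237.23", 2200),
    ("tcp", "10.42.8.10",   "10.42.237.23", 2200),
    ("tcp", "192.0.2.7",    "10.42.237.23", 2200),
    ("udp", "10.42.233.5",  "10.42.236.9",  53),
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "| posted:", evaluate(POSTED, *pkt),
              "| alternative:", evaluate(ALTERNATIVE, *pkt))
```

The evaluator models entry matching only; whether a list sees this traffic at all depends on the interface and direction it is applied to.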