RE: Managing www access using ACL's [7:7589]

Mon, 11 Jun 2001 08:28:39 -0700 

Actually, the acl as listed would _only_ permit www traffic and 
would most probably not work since the internal users would not be 
able to resolve DNS queries (the only way it would work is with 
static host files on the end-stations).  At a minimum, DNS queries 
would have to be permitted out for any access to work at all.

-Kent

On 7 Jun 2001, at 17:19, McClendon Susan Contr AEDC/AC wrote:

> This access-list would permit www for the source-ip's and deny
> everyone else.  Are you going to enable access to newsgroups and ftp
> sites?  
> 
> -susan
> 
> > -----Original Message-----
> > From: Bob S [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, June 07, 2001 3:22 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Managing www access using ACL's [7:7589]
> > 
> > 
> > I believe this would totally deny access not limit it.
> > 
> > 
> > 
> > >From: "No Data" 
> > >Reply-To: "No Data" 
> > >To: [EMAIL PROTECTED]
> > >Subject: Re: Managing www access using ACL's [7:7589]
> > >Date: Thu, 7 Jun 2001 15:26:58 -0400
> > >
> > >(config)#access-list 100 permit tcp 'source-ip' any eq
> > >www
> > >(config)#access-list 100 deny tcp any any eq www
> > >(config-if)#ip access-group 100 out
> > >
> > >make the interface the one headed towards the internet
> > >or where ever your http server is.
> > >
> > >Ben, CCNP
> > >
> > >--- Mark Villanova  wrote:
> > > > Whats the best way to limit www access to a group of
> > > > say 20 ips using access
> > > > lists?
> > >[EMAIL PROTECTED]
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Get personalized email addresses from Yahoo! Mail - only $35
> > >a year!  http://personal.mail.yahoo.com/
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7999&t=7589
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to