RE: Access list problem [7:9939]

Tue, 26 Jun 2001 15:05:23 -0700 

Hi,

This to me would seem to be a fairly standard sort of access-list where you
are enforcing all to use internal proxies

permit tcp any host 203.111.42.204 eq www
permit tcp any host 203.111.42.215 eq www

These can then get the required data from the web.  I assume these are
running proxy services.  If you point your browser directly ouit to the web
you will get nothing.

Just a thought,

Teunis
Hobart, Tasmania
Australia


On Tuesday, June 26, 2001 at 04:59:00 AM, Charles Manafa wrote:

> It appears that you are allowing web access (www) to only two servers (.204
> and .215). Which direction are you applying this acl, are you hosting the
> web services?
> 
> CM
> 
> > -----Original Message-----
> > From: John Brandis [mailto:[EMAIL PROTECTED]]
> > Sent: 26 June 2001 09:26
> > To: [EMAIL PROTECTED]
> > Subject: Access list problem [7:9939]
> > 
> > 
> > Hi All,
> > 
> > I thought I was on top of access lists, until today. When ever I apply
> > this particualr access list in IOS 11.2 , nothing on the network can
> > view internet pages. They can ping no problem but nothing else. Please
> > advise if you can, on which line the error is.
> > Thanks all, I appreciate it.
> > 
> > Extended IP access list 110
> >     deny   tcp any any eq 139
> >     permit udp any any eq domain
> >     permit tcp any any eq domain
> >     permit icmp any any
> >     permit tcp any host 203.111.42.200 eq ftp-data
> >     permit tcp any host 203.111.42.200 eq ftp
> >     permit tcp any host 203.111.42.200 eq 22
> >     permit tcp any host 203.111.42.204 eq ftp-data
> >     permit tcp any host 203.111.42.204 eq ftp
> >     permit tcp any host 203.111.42.204 eq www
> >     permit tcp any host 203.111.42.204 eq 3389
> >     permit tcp any host 203.111.42.215 eq smtp
> >     permit tcp any host 203.111.42.215 eq www
> >     permit tcp any host 203.111.42.215 eq 3389
> >     permit ip host 203.111.42.224 any
> >     permit ip host 203.111.42.225 any
> >     permit ip host 203.111.42.226 any
--
www.tasmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10029&t=9939
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to