On what interface(s) is that ACL applied? The way you've written it, the ACL permits IP traffic with a source address of 165.5.x.x, and the second (unnecessary) line denies all other traffic. If that ACL is applied on the interfaces that your users dial into, then it won't accomplish much. If you're trying to filter based on destination IP address, then the first line should be written "access-list 110 permit ip any 165.5.0.0 0.0.0.255"
hth, Hal > -----Original Message----- > From: J. Johnson [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 12, 2001 2:24 PM > To: [EMAIL PROTECTED] > Subject: Access Lists [7:28927] > > > We have a Cisco 5300 Dial-up. We want to allow everyone to get to our > network when they dial in. We do not want everyone to get on > the internet > when they dial-in. This is what my access list look like > > access-list 110 permit ip 165.5.0.0 0.0.255.255 any > access-list 110 deny ip any any > > Everyone can get to our network and get on the internet with > the above list. > Can you see anything wrong? > > Thanks. > > Jill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=28949&t=28927 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
