I'm having a
problem with my access-list for my cisco router. Let me give you my
exact acess-list :
access-list 103
permit tcp any any eq 80 (Web)
access-list 103 permit tcp any any eq 443
(secure web(cybercash, kmart, etc))
access-list 103 permit tcp any any eq
25 (SMTP)
access-list 103 permit tcp any any eq 21 (FTP)
access-list 103
permit tcp any any eq 23 (Telnet)
access-list 103 permit tcp any any eq
5190 (AIM)
access-list 103 permit tcp any any eq 7070
(Realaudio)
access-list 103 permit tcp any any eq 53 (DNS)
access-list
103 permit ip 216.*.*.* 0.0.0.0 any
access-list 103
permit ip 216.*.*.* 156 0.0.0.0 any
access-list 103 permit ip 63.*.*.*
0.0.0.0 any
access-list 103
permit tcp any any eq 106
access-list 103 permit udp any any eq
106
access-list 103 permit tcp any any eq 109
access-list 103 permit udp
any any eq 109
access-list 103 permit tcp any any eq 110
access-list 103
permit udp any any eq 110
access-list 103 permit tcp any any eq
554
access-list 103 permit tcp any any eq 7070
access-list 103 permit
tcp any any eq 8080
access-list 103 permit tcp any any eq
9090
access-list 103 permit tcp any any eq 8181
Of Course what is
in the parenthesis is not included in the list. For some reason, the
workers in my LAN don't have access to the www, among other things. What
am I doing wrong? I am allowing tcp port 80, from anywhere to anywhere,
so I can't see what the problem is. Oh - by the way, this is on my line
coming in the the web.
Any help is
definitely appreciated!
Thanks a
MILLION,
Justin
[GKHunter]
Justin,
where is the '156' in the second
'permit ip' rule coming from? what are the 'other things' that your users
can't access?
<g>
