RE: ACL problem [7:3039]
Can you provide some ascii art here? Is the ACL in or out? From where to where? When you say you have another box with the exact same list and it works, where is that box in relation to the box where it doesn't work? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dwayne Saunders Sent: Thursday, May 03, 2001 8:18 AM To: [EMAIL PROTECTED] Subject:ACL problem [7:3039] Hi all, Just wondering if you can help me I have a small problem with a ACL, below you see that ip from 192.168.5.0 network is allowed to send to anything and the next line allows the 10 network to send to 5.65 on port 1433. My problem is that with this in place I can get from the 5 network to the 10 but I do not get a reply. I have another box with the ip of 192.168.5.66 with exactly the same rule as the 192.168.5.65 box and this works. Would anyone have any ideas on this access-list 110 permit ip 192.168.5.0 0.0.0.255 any access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 192.168.5.65 eq 1433 D'Wayne Saunders Senior MIS Operator, CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3044&t=3039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ACL problem [7:3039]
the access list is inbound on two interfaces the out bound allows any the boxes are physically next to each other and reside on the same vlan there port are next to each other as well hopes this helps D'Wayne Saunders Senior MIS Operator -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, 4 May 2001 0:54 To: Dwayne Saunders; [EMAIL PROTECTED] Subject: RE: ACL problem [7:3039] Can you provide some ascii art here? Is the ACL in or out? From where to where? When you say you have another box with the exact same list and it works, where is that box in relation to the box where it doesn't work? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dwayne Saunders Sent: Thursday, May 03, 2001 8:18 AM To: [EMAIL PROTECTED] Subject:ACL problem [7:3039] Hi all, Just wondering if you can help me I have a small problem with a ACL, below you see that ip from 192.168.5.0 network is allowed to send to anything and the next line allows the 10 network to send to 5.65 on port 1433. My problem is that with this in place I can get from the 5 network to the 10 but I do not get a reply. I have another box with the ip of 192.168.5.66 with exactly the same rule as the 192.168.5.65 box and this works. Would anyone have any ideas on this access-list 110 permit ip 192.168.5.0 0.0.0.255 any access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 192.168.5.65 eq 1433 D'Wayne Saunders Senior MIS Operator, CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3045&t=3039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL problem [7:3039]
Hi, Am I reading what you have correctly, It seems to me on one line you have the source address of 192.168.5.xxx and in the next statement 192.168.10.xxx. My guess is the second line should be more like access-list 110 permit tcp host 192.168.5.65 192.168.10.0 0.0.0.255 eq 1433 Or the first line to be the other way around depending on how you have the access-list applied to your interface. Just a thought Teunis Hobart, Tasmania Australia On Thursday, May 03, 2001 at 11:17:41 AM, Dwayne Saunders wrote: > Hi all, > Just wondering if you can help me I have a small problem with a ACL, > below you see that ip from 192.168.5.0 network is allowed to send to > anything and the next line > allows the 10 network to send to 5.65 on port 1433. My problem is that with > this in place I can get from the 5 network to the 10 but I do not get a > reply. I have another box with the ip of 192.168.5.66 with exactly the same > rule as the 192.168.5.65 box and this works. > Would anyone have any ideas on this > > access-list 110 permit ip 192.168.5.0 0.0.0.255 any > access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 192.168.5.65 eq 1433 > > > D'Wayne Saunders > Senior MIS Operator, CCNA > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3113&t=3039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
