Work-related ACL problem [7:17695]

2001-08-29 Thread Wilson, Bradley
Okay gang, this one's work-related so don't feel obligated to help. ;-) I think it's an interesting thought problem though: The Problem I'm Trying To Solve: allow access to a particular website (2.2.2.2) from users on a particular subnet. Do NOT allow them to access any *other* website. Allow

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread Ed Horley
A fast try:
access-list 101 permit tcp (vlan subnet) (vlan subnet re-mask) host 2.2.2.2 eq www
access-list 101 permit ip (vlan subnet) (vlan subnet re-mask) 172.0.0.0 0.255.255.255
access-list 101 deny ip any any
apply outbound to the VLAN subnet you are trying to control (i.e. VLAN 30) Don't kn

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread John Neiberger
The problem is in your second line. You are denying traffic *sourced* from port 80 (www), not traffic destined for port 80. Change the line to:
access-list 101 deny tcp any any eq www
I would even consider adding "eq www" to the first line since you only want to allow web traffic to that host,

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread Jeff Gercken
It may not be the syntax of your ACLs at all. Are you using MLS to do L3 switching with the 6509? If you are then you need the Policy Feature Card (PFC) on your Sup blade. It works like this: A packet hits the switch which records the destination IP address in the CAM table and forwards it to

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread Brian Whalen
ah yes the old in or out debate... Brian "Sonic" Whalen Success = Preparation + Opportunity On Wed, 29 Aug 2001, John Neiberger wrote: > The problem is in your second line. You are denying traffic *sourced* > from port 80 (www), not traffic destined for port 80. Change the line > to: > > acc

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread B.J. Wilson
Does this have anything to do with that "Chambers" thread? ;-) - Original Message - From: "Brian Whalen" To: Sent: Wednesday, August 29, 2001 4:48 PM Subject: Re: Work-related ACL problem [7:17695] > ah yes the old in or out debate... > > Brian "Son

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread ron
isn't it supposed to be: access-list 101 deny tcp any any eq www ron - Original Message - From: "Wilson, Bradley" To: [EMAIL PROTECTED] Sent: Wed, 29 Aug 2001 12:03:33 -0400 Subject: Work-related ACL problem [7:17695] Okay gang, this one's work-related so don

RE: Work-related ACL problem [7:17695]

2001-08-29 Thread Rik Guyler
ED]] Sent: Wednesday, August 29, 2001 10:09 PM To: [EMAIL PROTECTED] Subject: Re: Work-related ACL problem [7:17695] isn't it supposed to be: access-list 101 deny tcp any any eq www ron - Original Message - From: "Wilson, Bradley" To: [EMAIL PROTECTED] Sent: Wed, 29 Aug

Re: Work-related ACL problem [7:17695]

2001-08-29 Thread EL PINGU
9 Aug 2001 12:03:33 -0400 > Subject: Work-related ACL problem [7:17695] > Okay gang, this one's work-related so don't feel obligated to help. ;-) I > think it's an interesting thought problem though: > > The Problem I'm Trying To Solve: allow access to a particular

RE: Work-related ACL problem [7:17695]

2001-08-29 Thread Baety Wayne A1C 18 CS/SCBX
To: [EMAIL PROTECTED] Subject: Work-related ACL problem [7:17695] Okay gang, this one's work-related so don't feel obligated to help. ;-) I think it's an interesting thought problem though: The Problem I'm Trying To Solve: allow access to a particular website (2.2.2.2) from users on

RE: Work-related ACL problem [7:17695]

2001-08-30 Thread Kent Hundley
29, 2001 9:50 PM To: [EMAIL PROTECTED] Subject: Re: Work-related ACL problem [7:17695] you must also add access-list 101 deny udp any any eq www ron wrote: > isn't it supposed to be: > > access-list 101 deny tcp any any eq www > > ron > - Original Message - >