Howdy
can someone here please help me out with the following:
I have a cisco4k with 2 serial ports, one ether.
eth0 is Lan A
ser0 is Lan B
ser1 is the Internet line
I want everyone on Lan A to be able to acess Lan B, and
everyone on Lan B to be able to access Lan A. (all ports)
Secondly, I want the Internet server (proxy, etc) on Lan
A a.b.c.15 to be able to access any machine on the Internet,
and any machine on the Internet to access it.
What do I need to do to the following access lists to make
the above work?
! allow Lan A access to Lan B
access-list <num> permit a.b.c.0 255.255.255.0 a.b.d.0 255.255.255.0
! allow Lan B access to Lan A
access-list <num> permit a.b.d.0 255.255.255.0 a.b.c.0 255.255.255.0
! allow sun1 (Internet server) access to Internet
access-list <num> permit a.b.c.15 255.255.255.? 0.0.0.0 0.0.0.0
! allow Internet access to sun1
access-list <num> permit 0.0.0.0 0.0.0.0 a.b.c.15 255.255.255.?
! deny everything else
access-list <num> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
tia
ciao
--
John
--
John Betts, Aztec Internet Services Port Elizabeth, South Africa
johnb @
aztec .
co .
za, Tel. +27(0)41 303 475, Fax. +27(0)41 301 052
Authorised Caldera Consultant || Part of the UUNet Group
The world is complex. The Sendmail configuration reflects this.
|
|
