Great Circle Associates Firewalls
(July 1996)
 


Subject: Cisco ACL's
From: John Betts <johnb @ aztec . co . za>
Date: Wed, 17 Jul 1996 11:49:02 +0200 (SAT)
To: firewalls @ greatcircle . com
Reply-to: johnb @ aztec . co . za

Howdy

can someone here please help me out with the following:

I have a cisco4k with 2 serial ports, one ether.

eth0 is Lan A
ser0 is Lan B
ser1 is the Internet line

I want everyone on Lan A to be able to access Lan B, and
everyone on Lan B to be able to access Lan A. (all ports)

Secondly, I want the Internet server (proxy, etc) on Lan
A a.b.c.15 to be able to access any machine on the Internet,
and any machine on the Internet to access it.

What do I need to do to the following access lists to make
the above work?

! allow Lan A access to Lan B
access-list <num> permit a.b.c.0 255.255.255.0 a.b.d.0 255.255.255.0
! allow Lan B access to Lan A
access-list <num> permit a.b.d.0 255.255.255.0 a.b.c.0 255.255.255.0
! allow sun1 (Internet server) access to Internet
access-list <num> permit a.b.c.15 255.255.255.? 0.0.0.0 0.0.0.0
! allow Internet access to sun1
access-list <num> permit 0.0.0.0 0.0.0.0 a.b.c.15 255.255.255.?
! deny everything else
access-list <num> deny 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

tia

ciao

--
John
 
--
John Betts, Aztec Internet Services Port Elizabeth, South Africa
johnb @ aztec . co . za,  Tel. +27(0)41 303 475, Fax. +27(0)41 301 052
Authorised Caldera Consultant     ||     Part of the UUNet Group
The world is complex.  The Sendmail configuration reflects this.
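
Added example, not part of the original message: Cisco IOS access lists take wildcard (inverse) masks rather than netmasks, so the entries above do not match what their comments intend. The Python model below evaluates the fully specified entries as posted and a wildcard-mask version of the same policy. The 10.1.1.0 (Lan A), 10.1.2.0 (Lan B), 10.1.1.15 (sun1) and 203.0.113.x addresses are constructed stand-ins for the post's placeholders, and the model assumes one list matched on source and destination only, ignoring protocol, ports and interface direction.

```python
import ipaddress

def u32(addr):
    return int(ipaddress.IPv4Address(addr))

def entry_matches(addr, base, wildcard):
    # Wildcard semantics: a 1 bit means "ignore this bit", a 0 bit means "must match".
    care = ~u32(wildcard) & 0xFFFFFFFF
    return (u32(addr) & care) == (u32(base) & care)

def evaluate(acl, src, dst):
    # The first matching entry decides; a list ends with an implicit deny.
    for action, s_base, s_wild, d_base, d_wild in acl:
        if entry_matches(src, s_base, s_wild) and entry_matches(dst, d_base, d_wild):
            return action
    return "deny"

# Constructed addresses (assumptions, see lead-in).
ANY = ("0.0.0.0", "255.255.255.255")   # wildcard of all ones matches every address
SUN1 = ("10.1.1.15", "0.0.0.0")        # wildcard of all zeros matches one host

# The post's fully specified entries, masks read the way IOS reads them.
AS_POSTED = [
    ("permit", "10.1.1.0", "255.255.255.0", "10.1.2.0", "255.255.255.0"),
    ("permit", "10.1.2.0", "255.255.255.0", "10.1.1.0", "255.255.255.0"),
    ("deny", "0.0.0.0", "0.0.0.0", "0.0.0.0", "0.0.0.0"),
]

# Same policy written with wildcard masks; the final deny is implicit.
CORRECTED = [
    ("permit", "10.1.1.0", "0.0.0.255", "10.1.2.0", "0.0.0.255"),
    ("permit", "10.1.2.0", "0.0.0.255", "10.1.1.0", "0.0.0.255"),
    ("permit", *SUN1, *ANY),
    ("permit", *ANY, *SUN1),
]

def compare(flows):
    return [(s, d, evaluate(AS_POSTED, s, d), evaluate(CORRECTED, s, d)) for s, d in flows]

if __name__ == "__main__":
    flows = [("10.1.1.20", "10.1.2.30"), ("10.1.1.15", "203.0.113.7"),
             ("203.0.113.7", "10.1.1.15"), ("203.0.113.7", "10.1.1.20"),
             ("203.0.113.0", "198.18.5.0")]
    for src, dst, posted, fixed in compare(flows):
        print(f"{src:>13} -> {dst:<13} as posted: {posted:<6} corrected: {fixed}")
```

Read as wildcards, the posted 255.255.255.0 masks compare only the last octet, so Lan A to Lan B traffic falls through to the deny while unrelated addresses ending in .0 are permitted.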
