From: Edwards, Andrew M (andrew.m.edwards@boeing.com)
Date: Mon Mar 29 2004 - 13:57:38 GMT-3
Another suggestion is to set the logging to your buffer to informational (at a minimum) and then throw an explicit deny ip any any log at the end... Using the log option shows you what packets are denied by that ACL and you can then see what port you need to open and in what direction.
Andy
-----Original Message-----
From: jano@rhox.com.br [mailto:jano@rhox.com.br]
Sent: Saturday, March 27, 2004 12:57 PM
To: ccielab@groupstudy.com
Subject: DLSW in Extended Access-list
Hey everyone,
I need to configure a named access list. Ok, the IP and routing part is easy, but the problem is that DLSW must also be allowed. The moment I apply my inbound access-list I loose connectivity to my DLSW peer. How do I specify and permit DLSW in this list?
ip access-list extended INBOUND
permit tcp 0.0.0.0 0.0.0.1 any eq telnet
permit tcp 172.17.59.80 0.0.0.15 any eq ftp
permit tcp any any eq smtp
permit tcp any any eq www
permit udp any any eq tftp
permit icmp any any
permit igrp any any
permit tcp any any eq bgp
Thanks,
Jano
This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:49 GMT-3