See something wrong with my AC? telnet is getting through

From: Jason Aarons (jaarons@hotmail.com)
Date: Mon May 31 2004 - 11:24:47 GMT-3

• Next message: Karim: "Multicast helper-map example in doc CD."
• Previous message: Georg Pauwen: "RE: Cat6509's STP mode"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'm curious why ACL 142 didn't work. I'm trying to block outbound telnet
to printers, unix boxes, internet, while allowing everything else. IOS
is 12.3(6)T. interface FastEthernet0.2
description block telnet from user10-80.117.192
encapsulation dot1Q 2
ip address 10.80.117.129 255.255.255.128
ip access-group 142 ininterface FastEthenret0.99description Internetip
addr 25.24.23.4

!
access-list 142 deny tcp any any eq telnet log
access-list 142 permit ip any any

C:\>ipconfig
Windows NT IP Configuration
Ethernet adapter El90x1:
       IP Address. . . . . . . . . : 10.80.117.192
       Subnet Mask . . . . . . . . : 255.255.255.128
       Default Gateway . . . . . . : 10.80.117.129
C:\>telnet 10.80.117.129, I get a response back, acl isn't working
C:\>telnet 216.54.168.14, I get a response back, acl isn't working

------------------------------------------------------------------------

Best Restaurant Giveaway Ever! Vote for your favorites for a chance to
win $1 million!

• Next message: Karim: "Multicast helper-map example in doc CD."
• Previous message: Georg Pauwen: "RE: Cat6509's STP mode"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:19 GMT-3