From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Tue Jun 01 2004 - 02:25:50 GMT-3
Jason,
Can you send us the router's whole configuration? Also are
there any other routers on the segment?
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jason Aarons
Sent: Monday, May 31, 2004 7:25 AM
To: ccielab@groupstudy.com
Subject: See something wrong with my AC? telnet is getting through
I'm curious why ACL 142 didn't work. I'm trying to block outbound
telnet
to printers, unix boxes, internet, while allowing everything else. IOS
is 12.3(6)T. interface FastEthernet0.2
description block telnet from user10-80.117.192
encapsulation dot1Q 2
ip address 10.80.117.129 255.255.255.128
ip access-group 142 ininterface FastEthenret0.99description Internetip
addr 25.24.23.4
!
access-list 142 deny tcp any any eq telnet log
access-list 142 permit ip any any
C:\>ipconfig
Windows NT IP Configuration
Ethernet adapter El90x1:
IP Address. . . . . . . . . : 10.80.117.192
Subnet Mask . . . . . . . . : 255.255.255.128
Default Gateway . . . . . . : 10.80.117.129
C:\>telnet 10.80.117.129, I get a response back, acl isn't working
C:\>telnet 216.54.168.14, I get a response back, acl isn't working
------------------------------------------------------------------------
Best Restaurant Giveaway Ever! Vote for your favorites for a chance to
win $1 million!
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:30 GMT-3