From: Georg Pauwen (pauwen@hotmail.com)
Date: Tue Jun 01 2004 - 02:30:21 GMT-3
Hello Jason,
try:
access-list 142 deny tcp any eq telnet any log
access-list 142 permit ip any any
Regards,
Georg
>From: "Jason Aarons" <jaarons@hotmail.com>
>Reply-To: "Jason Aarons" <jaarons@hotmail.com>
>To: ccielab@groupstudy.com
>Subject: See something wrong with my AC? telnet is getting through
>Date: Mon, 31 May 2004 14:24:47 +0000
>
>I'm curious why ACL 142 didn't work. I'm trying to block outbound telnet
>to printers, unix boxes, internet, while allowing everything else. IOS
>is 12.3(6)T. interface FastEthernet0.2
>description block telnet from user10-80.117.192
>encapsulation dot1Q 2
>ip address 10.80.117.129 255.255.255.128
>ip access-group 142 ininterface FastEthenret0.99description Internetip
>addr 25.24.23.4
>
>!
>access-list 142 deny tcp any any eq telnet log
>access-list 142 permit ip any any
>
>C:\>ipconfig
>Windows NT IP Configuration
>Ethernet adapter El90x1:
> IP Address. . . . . . . . . : 10.80.117.192
> Subnet Mask . . . . . . . . : 255.255.255.128
> Default Gateway . . . . . . : 10.80.117.129
>C:\>telnet 10.80.117.129, I get a response back, acl isn't working
>C:\>telnet 216.54.168.14, I get a response back, acl isn't working
>
>------------------------------------------------------------------------
>
>Best Restaurant Giveaway Ever! Vote for your favorites for a chance to
>win $1 million!
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:30 GMT-3