General discussion

  • Creator
    Topic
  • #2093293

    extended access list on router

    Locked

    by raystep ·

    i need help in writing an extended access list on a router on the lan all student machines or assign even host number and all teachers are asigned to odd host no.the network address is 156.1.1.64 255.255.255.192 i need to block telnet on ths students machines only and permit all other traffic the destination address on district router 156.1.149.129 I am using ip and IRGP on the router I know how to stop all telnet traffic but do`nt know how to block the students. if any one has an answer I would be greatful thanks Ray S

All Comments

  • Author
    Replies
    • #3865571

      access-lists

      by awilliam ·

      In reply to extended access list on router

      have to specify each host seperately, can’t think of a way to skip. try the following:

      access-list 99 deny tcp host 156.1.1.66 eq telnet any
      access-list 99 deny tcp host 156.1.1.68 eq telnet any
      …etc…
      access-list 99 permit ip any any

      then apply the list to your interface
      (ip access-class 99 in)

      hope this helps

Viewing 0 reply threads