Extented Access list on Cisco 2600Router - TechRepublic
General discussion
February 8, 2004 at 07:17 PM
coconut88

Extented Access list on Cisco 2600Router

by coconut88 . Updated 22 years, 4 months ago

Dear, Sir/Madam
I’ve some questions about the extented access-lists, why that block the FTP port.
We’ve two segment in my network, Fastethernet0/1 is 10.125.96.0 255.255.255.0 other Fastethernet 0/0 is 10.125.111.0 255.255.255.0
The access list is pastes on ethernet 0/1 network:
access-list 101 permit tcp any 10.125.111.0 0.0.0.255 gt 1023 established
access-list 101 permit udp any 10.125.111.0 0.0.0.255 gt 1023
access-list 101 permit udp host 10.125.96.21 eq netbios-dgm 10.125.111.0 0.0.0.255 eq netbios-dgm
access-list 101 permit tcp host 10.125.96.21 gt 1023 10.125.111.0 0.0.0.255 eq 139
access-list 101 permit udp host 10.125.96.22 eq netbios-dgm 10.125.111.0 0.0.0.255 eq netbios-dgm
access-list 101 permit tcp host 10.125.96.22 gt 1023 10.125.111.0 0.0.0.255 eq 139
access-list 101 permit udp host 10.125.125.181 eq netbios-dgm 10.125.111.0 0.0.0.255 eq netbios-dgm
access-list 101 permit tcp host 10.125.125.181 gt 1023 10.125.111.0 0.0.0.255 eq 139
access-list 101 permit icmp 10.125.96.0 0.0.0.255 10.125.111.0 0.0.0.255 echo-reply
access-list 101 permit icmp any 10.125.111.0 0.0.0.255 packet-too-big
access-list 101 permit tcp host 10.125.125.171 host 10.125.111.150 eq 8009
access-list 101 permit tcp host 10.125.125.171 host 10.125.111.150 eq 7009
access-list 101 deny ip any any log
How can i solve the problem?

This discussion is locked

All Comments