Security Basics mailing list archives
RE: Re: Re: Re: router access control list
From: "Erick Jensen" <ejensen () vibrant com>
Date: Sun, 5 Nov 2006 01:23:53 -0600
You have the lists done correctly. There's just some missing part there. You have issued the "access-group 111 in" on the ATM0 interface? Or even a "access-group 110 out" on ATM0? Help us out here and send a "show run" output. ****change you passwords before/after you do!**** It's probably something simple we're missing here. "show tech" is also useful output, but it's MUCH MUCH larger to weed through. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of apaez1084 () gmail com Sent: Thursday, November 02, 2006 12:23 PM To: security-basics () securityfocus com Subject: Re: Re: Re: Re: router access control list ok this is the ACL i created. 110 is the real one that i want to place on the router 111 is just one that im using to see if it works. Extended IP access list 110 10 permit tcp any any eq www (17 matches) 20 permit tcp any any eq 3390 30 permit tcp any any eq 3389 (16 matches) 40 permit tcp any any eq ftp 50 permit tcp any any eq ftp-data 60 permit tcp any any eq pop3 70 permit tcp any any eq smtp 80 permit tcp any any eq 3399 90 permit tcp any any eq 3391 100 permit tcp any any eq 7603 110 permit tcp any any eq 443 120 permit tcp any any eq 3395 130 permit tcp any any eq 47281 140 permit udp any any eq 47281 150 permit udp any any eq 7603 160 permit tcp any any eq 8080 170 permit tcp any any eq telnet (92 matches) Extended IP access list 111 10 permit tcp any any eq www (106 matches) 20 permit tcp any any eq 3390 30 permit tcp any any eq telnet (722 matches) OK now that you just say my access-list. Im working with 111 because i want to see if from out side i can get in to port 3389. thats not permited. I remote connet to mexico server and then from server remote connect back in here. Now i have NAT on so the ip addresses are not the same but the port are the same. I put ACL 111 in interface ATM0 in/out and absolutly nothing happens. I can get to any port i want from mexico serv. And when I put it on interface e0 in/out everythig stops working. Do i suck that mad at this or there is something im missing. Help Please Thank You ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Re: Re: router access control list apaez1084 (Nov 01)
- RE: Re: Re: router access control list Erick Jensen (Nov 03)
- <Possible follow-ups>
- Re: Re: Re: Re: router access control list apaez1084 (Nov 03)
- Re: Re: Re: Re: Re: router access control list apaez1084 (Nov 06)
- RE: Re: Re: Re: Re: router access control list David Gillett (Nov 07)
- RE: Re: Re: Re: router access control list Erick Jensen (Nov 06)
- Re: Re: Re: Re: Re: router access control list apaez1084 (Nov 06)
- RE: Re: Re: Re: Re: router access control list Dixon, Wayne (Nov 06)
- Re: Re: Re: Re: Re: Re: router access control list emptybeerkann (Nov 06)
- Re: Re: Re: Re: Re: Re: Re: router access control list apaez1084 (Nov 07)
- RE: Re: Re: Re: Re: Re: Re: router access control list David Gillett (Nov 07)
- RE: Re: Re: Re: Re: router access control list Erick Jensen (Nov 07)