Access-list question on a Cisco 6509

Discussion in 'Cisco' started by Fogel, Mar 5, 2007.

  1. Fogel

    Hi everyone,

    I'd like to control access to one of my servers on my LAN. Here's the situation:

    ServerX : 192.168.199.4 vLAN199 (192.168.199.0/29)

    vLAN63 : 192.168.240.0
    vLAN80 : 192.168.250.0

    - ServerX can be accessed by anything on the network (using terminal services mostly)
    - Once you are connected to ServerX, you can only access vLAN63 and vLAN80.

    I've read a couple things and asked a few questions and I was thinking about making 2 ACLs on vLAN199.

    1. ACL IN
    access-list 120 permit ip any any

    2. ACL OUT
    access-list 121 permit tcp any any established ! To permit the connection to the server
    access-list 121 permit ip host 192.168.199.4 192.168.240.0 0.0.0.255
    access-list 121 permit ip host 192.168.199.4 192.168.250.0 0.0.0.255
    access-list 121 deny ip any any

    3. Applying the ACL on the vLAN
    inter vlan199
    ip access-group 120 in
    ip access-group 121 out


    In theory, this looks promising, but it isn't working: as soon as I activate the ACL out, I can't connect to the server anymore.

    Now, is there something I'm missing or this particular example isn't working?

    Thanks in advance.

    Mario Lavigne
    Fogel, Mar 5, 2007
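
Added example, not part of the original post: a small Python model of how ACLs 120 and 121 are evaluated on interface vlan199 (first match wins; "in" sees packets arriving from VLAN199 hosts, "out" sees packets routed toward them), run against constructed packets. The addresses 192.168.10.20 and 192.168.240.10 are assumed sample hosts, and the wildcard masks are written as prefixes.

```python
import ipaddress

# ACLs from the post as (action, proto, src, dst, established_only).
# Wildcard masks are rewritten as prefixes (0.0.0.255 -> /24).
ANY = "0.0.0.0/0"
ACL_120 = [("permit", "ip", ANY, ANY, False)]
ACL_121 = [
    ("permit", "tcp", ANY, ANY, True),
    ("permit", "ip", "192.168.199.4/32", "192.168.240.0/24", False),
    ("permit", "ip", "192.168.199.4/32", "192.168.250.0/24", False),
    ("deny", "ip", ANY, ANY, False),
]
VLAN199 = ipaddress.ip_network("192.168.199.0/29")

def evaluate(acl, pkt):
    """Return the action of the first matching entry (implicit deny at end)."""
    src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
    for action, proto, src_net, dst_net, est in acl:
        if proto not in ("ip", pkt["proto"]):
            continue
        if src not in ipaddress.ip_network(src_net):
            continue
        if dst not in ipaddress.ip_network(dst_net):
            continue
        # 'established' matches only TCP segments with ACK or RST set.
        if est and not (pkt["flags"] & {"ACK", "RST"}):
            continue
        return action
    return "deny"

def svi_verdict(pkt):
    """Pick the ACL that interface vlan199 applies to a routed packet."""
    src_in = ipaddress.ip_address(pkt["src"]) in VLAN199
    dst_in = ipaddress.ip_address(pkt["dst"]) in VLAN199
    if src_in and not dst_in:
        return ("in/120", evaluate(ACL_120, pkt))   # from ServerX's VLAN
    if dst_in and not src_in:
        return ("out/121", evaluate(ACL_121, pkt))  # routed toward ServerX
    return ("none", "permit")                       # never crosses the SVI

# Constructed sample packets (addresses outside the post are assumptions).
CLIENT_SYN = {"proto": "tcp", "src": "192.168.10.20", "dst": "192.168.199.4", "flags": {"SYN"}}
VLAN63_REPLY = {"proto": "tcp", "src": "192.168.240.10", "dst": "192.168.199.4", "flags": {"SYN", "ACK"}}
SERVER_TO_VLAN63 = {"proto": "tcp", "src": "192.168.199.4", "dst": "192.168.240.10", "flags": {"SYN"}}
SERVER_TO_OTHER = {"proto": "tcp", "src": "192.168.199.4", "dst": "192.168.10.20", "flags": {"SYN"}}

if __name__ == "__main__":
    for name in ("CLIENT_SYN", "VLAN63_REPLY", "SERVER_TO_VLAN63", "SERVER_TO_OTHER"):
        print(name, svi_verdict(globals()[name]))
```

In this model the client's first SYN toward ServerX is checked by ACL 121 and falls through to the final deny, while everything ServerX sends is checked by ACL 120.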
