Basically it's UDP.
access-list 172 permit tcp any any established
access-list 172 permit udp any any
access-list 172 permit icmp any any echo-reply
access-list 172 deny ip 192.168.255.0 0.0.0.255 172.20.0.0 0.0.3.255
access-list 172 permit ip any any
With the above acl, one would think that...
Ok, odd. Everything seems to work correctly. vlan192 doesn't seem to be able to access vlan172 (pings, http, rdp, fileshares, etc). However 192 is still able to query 172 for DNS lookups. Any way to stop this too?
Ok, this seemed to do the trick!
interface Vlan192
ip address 192.168.255.1 255.255.255.0
ip access-group 172 in
access-list 172 permit tcp any any established
access-list 172 permit udp any any
access-list 172 permit icmp any any echo-reply
access-list 172 deny ip 192.168.255.0 0.0.0.255...
Ok, I feel we're close, helpdesk.
followed:
access-list 172 deny ip 192.168.255.0 0.0.0.255 172.20.0.0 0.0.3.255
access-list 172 permit ip any any
int vlan 192
ip access-group 172 in
Now, 192 cannot access 172.
192 can access pix
172 can access pix
172 cannot access 192
Do I need a...
Thanks for the replies.
So I set what was suggested:
interface Vlan172
ip address 172.20.0.1 255.255.252.0
interface Vlan192
ip address 192.168.255.1 255.255.255.0
ip access-group 172 out
access-list 172 deny ip any 172.20.0.0 0.0.3.255
access-list 172 permit ip any any
This doesn't...
Forgot to mention what I enter:
access-list 172 deny ip any 172.20.0.0 255.255.252.0
access-list 172 permit ip any any
int vlan192
ip access-group 172 out
You probably don't need the entire config:
sw01#sh ru
Building configuration...
Current configuration : 5428 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname sw01
!
enable secret 5...
Hello,
I entered in:
access-list 101 deny ip any 172.20.0.0 255.255.252.0
access-list 101 permit ip any any
int vlan192
ip access-group 101 out
When I sh ru, I see:
10 deny ip any 0.0.0.0 255.255.252.0
Any reason why it's not showing the IP subnet I put in and making it 0.0.0.0?
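An added Python example, not from the thread, covering two points raised in the posts above: why the `0.0.0.0 255.255.252.0` entry appears in the sh ru output just above (the second field of an ACE is a wildcard mask, not a subnet mask, so IOS clears every address bit the mask marks as don't-care), and why the DNS lookups mentioned near the top still pass ACL 172 (the `permit udp any any` line matches before the deny is reached). The ACE list is the thread's ACL 172 and the sample packet addresses are constructed; `established` and `echo-reply` are modelled simply as flags a packet must carry, which is an assumption of this model rather than a full IOS implementation.

```python
import ipaddress

def _i(a: str) -> int:
    return int(ipaddress.IPv4Address(a))

def wildcard_from_mask(mask: str) -> str:
    """Cisco ACL wildcard masks are the bitwise inverse of a subnet mask."""
    return str(ipaddress.IPv4Address(_i(mask) ^ 0xFFFFFFFF))

def ios_normalize(addr: str, wildcard: str) -> str:
    """IOS zeroes every address bit the wildcard marks as don't-care, so a
    subnet mask typed in the wildcard position is stored as 0.0.0.0 <mask>."""
    return str(ipaddress.IPv4Address(_i(addr) & ~_i(wildcard) & 0xFFFFFFFF))

def wildcard_match(addr: str, pattern: str, wildcard: str) -> bool:
    keep = ~_i(wildcard) & 0xFFFFFFFF          # 0-bits in the wildcard must match
    return (_i(addr) & keep) == (_i(pattern) & keep)

ANY = ("0.0.0.0", "255.255.255.255")

# ACL 172 from the thread: (action, proto, src, src_wc, dst, dst_wc, flag).
# 'established' / 'echo-reply' are modelled as flags the packet must carry.
ACL_172 = [
    ("permit", "tcp",  *ANY, *ANY, "established"),
    ("permit", "udp",  *ANY, *ANY, None),
    ("permit", "icmp", *ANY, *ANY, "echo-reply"),
    ("deny",   "ip",   "192.168.255.0", "0.0.0.255", "172.20.0.0", "0.0.3.255", None),
    ("permit", "ip",   *ANY, *ANY, None),
]

def evaluate(acl, proto, src, dst, flags=frozenset()):
    """First-match evaluation top to bottom, implicit deny at the end.
    Returns (action, matching line number) or ('deny', None)."""
    for n, (action, p, s, swc, d, dwc, flag) in enumerate(acl, 1):
        if p != "ip" and p != proto:
            continue
        if flag is not None and flag not in flags:
            continue
        if wildcard_match(src, s, swc) and wildcard_match(dst, d, dwc):
            return action, n
    return "deny", None

if __name__ == "__main__":
    # Constructed sample packets from a vlan192 host to a vlan172 server.
    print(evaluate(ACL_172, "udp", "192.168.255.50", "172.20.1.10"))  # DNS: ('permit', 2)
    print(evaluate(ACL_172, "tcp", "192.168.255.50", "172.20.1.10"))  # HTTP SYN: ('deny', 4)
    print(ios_normalize("172.20.0.0", "255.255.252.0"))               # 0.0.0.0
    print(wildcard_from_mask("255.255.252.0"))                        # 0.0.3.255
```

Moving the deny above the `permit udp` line, or restricting that permit, is what changes the DNS result; the evaluator shows which line a given packet actually hits.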
Hello,
I am setting up a Cisco Catalyst 3750 with 3 vlans. Right now with ip routing on, all vlans can talk freely with others. I want the Officenet vlan to be able to talk to all vlans, however I do not want the QANet vlan accessing OfficeNet. I know I should be setting ACLs but can’t figure...