Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 1721 Between 2 networks

Status
Not open for further replies.
GeoDM

GeoDM

Technical User
Joined
Dec 16, 2003
Messages
66
Location
US
(Hopefully someone will delete me previous post. This ones title is more descriptive.)

I have a Cisco 1721 Router. The router is between 2 local networks. Mine and one connected via fiber down the road. Right now the two networks can not see each other. This is good. I want them to only see a few selected servers on each side. To do this I have created 2 access-lists. After associating the access lists with the right card on the router I get this message when I try to ping.

Reply from XX.XX.X.XX: Destination net unreachable.

It receives properly but I can not longer telnet to the box. When I set the interface cards back to default everything work fine.

Is creating access-lists the proper way to do it or should I be trying something else?
 
Sort by date Sort by votes
Please post the access list. You probably forgot about the implicit deny statement. Make sure at the end of your ACL, you have

access-list 101 permit ip any any

Substitute your ACL number.
 
Upvote 0 Downvote
Looking at this now I think something may be wrong but I'll let you tell me that. I finally got the SDM installed on the box but I did not like working with it that way and the access list I created there looks different then the one I created with the IOS. Also could you tell me how to delete the other access-lists, sdm_ethernet0_in & sdm_fastethernet0_in. Just some house keeping issues.

interface Ethernet0
ip address 10.10.1.14 255.255.0.0
ip access-group 101 in
no ip route-cache
half-duplex
!
interface FastEthernet0
ip address 10.10.2.14 255.255.0.0
ip access-group 102 in
no ip route-cache
speed auto
!
ip classless
ip http server
!
ip access-list extended sdm_ethernet0_in
remark SDM_ACL Category=1
permit ip any host 10.10.2.247 log
permit ip any host 10.10.2.23 log
permit ip any host 10.10.2.244 log
ip access-list extended sdm_fastethernet0_in
remark SDM_ACL Category=1
permit ip any host 10.10.1.242 log
permit ip any host 10.10.1.243 log
permit ip any host 10.10.1.240 log
permit ip any host 10.10.1.245 log
!
access-list 101 permit ip any host 10.10.2.247 log
access-list 101 permit ip any host 10.10.2.23 log
access-list 101 permit ip any host 10.10.2.244 log
access-list 102 permit ip any host 10.10.1.242 log
access-list 102 permit ip any host 10.10.1.243 log
access-list 102 permit ip any host 10.10.1.240 log
access-list 102 permit ip any host 10.10.1.245 log
 
Upvote 0 Downvote
Any thoughts?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Blackybear
  • Locked
  • Question Question
Cisco RV042G router
Replies
0
Views
316
Blackybear
Blackybear
CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
556
CPM86
CPM86
B
  • Locked
  • Question Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
399
badwolf1686
B
pbxcomm
  • Locked
  • Question Question
CISCO VG450
Replies
1
Views
810
nt8d09
nt8d09
Skip Rango
  • Locked
  • Question Question
how to backup cisco sg500-52p switch
Replies
1
Views
792
madwok
madwok

Part and Inventory Search

Sponsor

Back
Top