access list

[brooze]

pls let me know how ca i write an access list to stop all the access from internet toward my gateway which is a router1601.

thanks

 

[tschouten]

What's in front of it? Not really enough info to go from here.

Access lists read from top of list to bottom at the bottom there is an implicit deny (so if you write a single permit statement for one specific IP only that IP will revceive traffic). What exactly are you trying to do with this access list?

 

[baddos]

access-list 101 deny ip any any log
interface ser0/0
ip access-group 101 in
exit

This will block all traffic coming into the serial0/0 interface

 

[brooze]

I want to write an access list which deny all the traffic from outside of the lan towards the gateway which is a router1601, and just to permit one valid Ip to access from out world to this gateway.

The valid Ip address which is going to access the Router 1601 is not know yet but we assume: 192.168.100.1

And also the Router 1601 ip address 62.32.59.64 with 32 ranges .

we want to stop the traffic bar from outside of the lan ( for ex.internet or any other outside lan)
toward our lan router. ( no access from out world into our local lan ( 1601 cisco router is the gateway )
except one valid ip address from out world can access to this router ( for example I go somewhere out of the country and with that valid Ip address I want to telnet this router ( this is just an example to clear my mean.