Dear friends,
Router 1601( ip address 217.9.122.26 ) The gateway
Router 3660 ( ip address 217.9.122.28)
Network range ( Ip address 217.9.122.25 0.0.0.7)
Two routers are connected to a Hub and also the lan Pc are connected to this hub as well.
What I need to ping through The lan into the routers and and also the routers be able to ping
themselves and each other but no other ips except the lan ips and routers ips do not be able to ping to these two routers from outside .
When I write :
Access-list 101 deny icmp any 217.9.122.25 0.0.0.7 echo log
Access-list 101 permit tcp any any established
Access-list 101 permit ip any any
The result is :
Nobody can ping from outside to the routers which is great!
But also even from the range of inside the lan ( PCs ) can't ping to the routers and
even the routers can't ping themselves and each other so the Internet link is disconnected too!
It seems that I block all the access from inside and outside to the lan.
WHAT CAN I DO ? HOW CAN I WRITE THE ACCESS-LIST?
I have addes the interface ip access-group as well ( no worries for that)
I remain
Inappropriate post?
If so, Red Flag it!
Check out the FAQ
area for this forum!
Whoheard (IS/IT--Manageme) Mar 8, 2003
What interface is this applied to, and in what direction?
Bob
Dear Bob the interfaces are e0 connected to the hub and serial0 connected to a leased modem,
And I set both "in"
I remain
Router 1601( ip address 217.9.122.26 ) The gateway
Router 3660 ( ip address 217.9.122.28)
Network range ( Ip address 217.9.122.25 0.0.0.7)
Two routers are connected to a Hub and also the lan Pc are connected to this hub as well.
What I need to ping through The lan into the routers and and also the routers be able to ping
themselves and each other but no other ips except the lan ips and routers ips do not be able to ping to these two routers from outside .
When I write :
Access-list 101 deny icmp any 217.9.122.25 0.0.0.7 echo log
Access-list 101 permit tcp any any established
Access-list 101 permit ip any any
The result is :
Nobody can ping from outside to the routers which is great!
But also even from the range of inside the lan ( PCs ) can't ping to the routers and
even the routers can't ping themselves and each other so the Internet link is disconnected too!
It seems that I block all the access from inside and outside to the lan.
WHAT CAN I DO ? HOW CAN I WRITE THE ACCESS-LIST?
I have addes the interface ip access-group as well ( no worries for that)
I remain
Inappropriate post?
If so, Red Flag it!
Check out the FAQ
area for this forum!
Whoheard (IS/IT--Manageme) Mar 8, 2003
What interface is this applied to, and in what direction?
Bob
Dear Bob the interfaces are e0 connected to the hub and serial0 connected to a leased modem,
And I set both "in"
I remain
