cmstanphill
ISP
I am having such a hard time with this access-list here is what I am trying to do is I am trying to block all ports but Telnet to 2 diff hosts but I am trying to make it so that all traffice can go out of the Wan interface. I have done it before but for some reason its not working on this router. The crazy thing is when I put it on the wan for incoming that part works fine but when that happens nothing can go out as in pulling up web sites or email. I have anothor route set kinda the same way for incoming traffic and all outgoing works just fine
any ideas here is the config
Thanks
interface Serial0/0
description CID (TotalSpeed Com 219)
bandwidth 1536
ip address 192.168.0.2 255.255.255.252
ip access-group 100 in
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
service-module t1 linecode ami
service-module t1 timeslots 1-24 speed 56
access-list 100 permit tcp any any established
access-list 100 permit icmp any any
access-list 100 permit tcp host 10.0.0.11 any eq telnet
access-list 100 permit udp host 10.0.0.11 any eq 23
access-list 100 permit tcp host 10.0.0.125 any eq telnet
access-list 100 permit udp host 10.0.0.125 any eq 23
any ideas here is the config
Thanks
interface Serial0/0
description CID (TotalSpeed Com 219)
bandwidth 1536
ip address 192.168.0.2 255.255.255.252
ip access-group 100 in
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
service-module t1 linecode ami
service-module t1 timeslots 1-24 speed 56
access-list 100 permit tcp any any established
access-list 100 permit icmp any any
access-list 100 permit tcp host 10.0.0.11 any eq telnet
access-list 100 permit udp host 10.0.0.11 any eq 23
access-list 100 permit tcp host 10.0.0.125 any eq telnet
access-list 100 permit udp host 10.0.0.125 any eq 23