
Allow Only to Firewall

Status
Not open for further replies.

solson

MIS
May 6, 2002
6
US
I have a VLAN set up for testing and I would like to have access to the Internet through our firewall. I also need to allow this VLAN to only talk to the firewall and no other devices on the network.

The firewall is an MS ISA box that knows the routes to the rest of the network.

How do I use an access list to allow this VLAN to only talk to the firewall and no one else?

Please be gentle... I am new at this access list stuff.
 
The VLAN can have an ACL applied like any other interface.

If the firewall is an ISA box does it act as a proxy?

To limit access to the firewall IP only:

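! Extended ACL: permit IP from any source to the firewall address only
access-list 105 permit ip any host <firewall-ip>

! Apply the ACL to the VLAN interface
interface Vlan20
 ip access-group 105 out

This should do; it will allow any device to access the firewall IP only, and the rest will be dropped. Hope this is really what you want.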

 
Just remember that at the end of every access-list, whether you specify it or not, is an implicit deny.

If you don't permit it, it won't go...
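
The first-match evaluation and implicit deny discussed in the replies above, as an added example that is not part of the original thread: a small Python model of the posted access-list 105, showing why the proxy question matters. The addresses (192.0.2.1 standing in for <firewall-ip>, the test host, the internal host and the Internet server) are constructed placeholders, and the parser handles only `permit|deny ip` entries with `any`, `host A` or a contiguous wildcard mask.

```python
import ipaddress

FIREWALL = "192.0.2.1"  # constructed stand-in for <firewall-ip>
ACL_105 = f"access-list 105 permit ip any host {FIREWALL}"

def _spec(tokens):
    """Consume one address spec ('any', 'host A' or 'A WILDCARD')."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    # Wildcard masks are inverted netmasks; only contiguous ones are handled.
    inverted = int(ipaddress.ip_address(tokens[1])) ^ 0xFFFFFFFF
    mask = ipaddress.ip_address(inverted)
    return ipaddress.ip_network(f"{tokens[0]}/{mask}", strict=False), tokens[2:]

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines, in order."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        action, rest = tokens[2], tokens[4:]
        src, rest = _spec(rest)
        dst, _ = _spec(rest)
        rules.append((action, src, dst))
    return rules

def evaluate(rules, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst in rules:
        if s in rule_src and d in rule_dst:
            return action
    return "implicit deny"

if __name__ == "__main__":
    rules = parse_acl(ACL_105)
    test_host = "10.20.0.5"  # constructed host in the test VLAN
    for label, dst in [("proxy request to firewall", FIREWALL),
                       ("routed packet to Internet server", "198.51.100.7"),
                       ("packet to another internal host", "10.1.0.10")]:
        print(f"{label:34} {dst:15} -> {evaluate(rules, test_host, dst)}")
```

With only the posted permit entry, Internet access works when clients address the ISA box itself (proxy mode); packets that are merely routed through it keep the remote server as their destination address and fall through to the implicit deny.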
 