Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

restrict acess to internal site to allow only a couple of external ips

Status
Not open for further replies.

kevwiener

Technical User
Jan 6, 2003
41
AU
so basically what i want to do it restrict access to a internal website to only my remote offices public ips so that they can still access the site for testing without having to be on the vpn.

would this work

access-list 101 permit tcp 80 theirpublicip host WebsitepublicIP eq www

thanks
kevin
 
An access list can restrict connections in the way you need, assuming there's no NAT you haven't taken into consideration.

Having said that, if you are in charge of a Hub & Branch WAN, then I would *really* *really* recommend you be using a stateful firewall on any public-facing connection. Access lists just don't really cut it. And a stateful firewall usually includes additional services like IDP and built-in VPN and whatnot these days. Your client will be much safer.
 
another firewall isnt an option the company is as tight as a ducks arse so will have to make do with the equipment in place, so really need to know if the above statement would work

kev

 
Roughly, your statement will actually look more like:

permit tcp host 1.1.1.1 host 5.5.5.5 eq www
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top