Why doesnt this access-list work?

jlmdata · Jun 18, 2010

Im unable to open port 80 tcp between these lans, why?
Only permitted ports should be open between lans.

interface Vlan8
ip address 172.16.8.1 255.255.255.0
ip access-group bb2 out
!
interface Vlan192
ip address 192.168.192.1 255.255.255.0
ip access-group bb1 out

ip access-list extended bb1
permit ip 192.168.192.0 0.0.0.255 any
permit tcp any any eq

http://www 443

deny tcp 172.16.0.0 0.0.255.255 any
permit ip any any

ip access-list extended bb2
permit ip 172.16.8.0 0.0.0.255 any
permit tcp any any eq

http://www 443

deny tcp 172.16.0.0 0.0.255.255 any
deny tcp 192.168.192.0 0.0.0.255 any
permit ip any any

burtsbees · Jun 18, 2010

vlan8=bb2? vlan192=bb1? Please clarify. If this is correct, then your acl's are pointed the wrong way---they need to be inbound, not out.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Why doesnt this access-list work?

jlmdata

IS-IT--Management

burtsbees

Programmer

Similar threads

Part and Inventory Search

Sponsor