Right, I've got to put an access list on a Cisco switch at work.
The ACL I have on there at the moment is blocking all traffic rather than just the traffic I want.
It's meant to only allow traffic from one PC to a proxy server on port 8080, just to surf the net. It's got a static IP address outside of the DHCP scope, so it doesn't need access to a DHCP server. And I've included access to the DNS server, but the only part of the ACL that gets hits is the deny all statement.
acl-public-access
deny tcp any any eq 445 #active directory
deny tcp any any eq 137 #netbios
deny tcp any any eq 138 #netbios
deny tcp any any eq 139 #netbios
permit tcp host <pc ip> any established
permit udp host <pc ip> host <dns ip> eq domain
permit udp host <pc ip> host <other dns> eq domain
permit tcp host <pc ip> host <proxy ip> eq 8080
deny ip any any
Can any Cisco people give any help as to why the hell this isn't working, 'cos I haven't got a clue!
Thanks