[1829] in WWW Security List Archive

Re: Cisco access control

daemon@ATHENA.MIT.EDU (Josh McIver)
Tue Apr 16 05:52:10 1996

Date: Tue, 16 Apr 1996 00:02:15 -0700 (MST)
From: Josh McIver <jmmc@et.mohave.cc.az.us>
To: "Deloach, Scott D. SSgt" <DeloachS@emh.aon.af.mil>
cc: www-security <www-security@ns2.rutgers.edu>
In-Reply-To: <199604151928.PAA23382@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu

On Mon, 15 Apr 1996, Deloach, Scott D. SSgt wrote:

> Can anyone give me an example of what a Cisco access list would look like
> to give incoming access to SMTP access to a single IP and HTTP access to
> another IP and deny everything else?

  I believe that it would look like this.

access-list 101 permit tcp any host 255.255.255.255 eq 25
access-list 101 permit tcp any host 255.255.255.255 eq 80


  This would permit tcp packets from any host to go to port 25 and 
port 80 of machine 255.255.255.255.  Everything else is denied 
implicitly (sp?).  You would then apply it as an inbound filter on your 
incoming port.

-Josh
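
Added example, not part of the original message: a small Python model of how the two permit lines are evaluated top-down, with the implicit deny catching everything that matches neither. The addresses 192.0.2.25 and 192.0.2.80 are constructed documentation addresses standing in for the mail and web hosts, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample config: the two permits from the reply, with
# documentation addresses (RFC 5737) standing in for the mail and web hosts.
ACL_TEXT = """\
access-list 101 permit tcp any host 192.0.2.25 eq 25
access-list 101 permit tcp any host 192.0.2.80 eq 80
"""

def parse_acl(text):
    """Parse 'access-list N permit|deny tcp any host A.B.C.D eq PORT' lines."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        # Only the rule form used in this thread is supported.
        if (len(tok) != 9 or tok[0] != "access-list" or tok[2] not in ("permit", "deny")
                or tok[3:6] != ["tcp", "any", "host"] or tok[7] != "eq"):
            raise ValueError("unsupported ACL line: " + line)
        rules.append((tok[2], ipaddress.ip_address(tok[6]), int(tok[8])))
    return rules

def evaluate(rules, proto, dst_ip, dst_port):
    """First matching rule decides; no match falls through to the implicit deny."""
    dst = ipaddress.ip_address(dst_ip)
    for number, (action, host, port) in enumerate(rules, start=1):
        if proto == "tcp" and dst == host and dst_port == port:
            return action, "rule %d" % number
    return "deny", "implicit deny"

def audit(rules, packets):
    """Return each packet paired with its (action, reason) verdict."""
    return [(p, evaluate(rules, *p)) for p in packets]

# Constructed inbound packets: (protocol, destination IP, destination port).
PACKETS = [
    ("tcp", "192.0.2.25", 25),   # SMTP to the mail host
    ("tcp", "192.0.2.80", 80),   # HTTP to the web host
    ("tcp", "192.0.2.80", 25),   # SMTP to the web host
    ("tcp", "192.0.2.25", 23),   # telnet to the mail host
    ("udp", "192.0.2.25", 53),   # non-TCP traffic
]

if __name__ == "__main__":
    for packet, (action, why) in audit(parse_acl(ACL_TEXT), PACKETS):
        print(packet, "->", action, "(%s)" % why)
```

Running the same check against a proposed list before applying it shows which service and host pairs are actually reachable and which fall through to the implicit deny.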
