acl nat

int f0/0.1
 ip nat inside
int f0/0.2
 ip nat inside
int s0/0
 ip nat outside
access-list 1 permit 10.1.1.0 0.0.0.255
ip nat pool VLAN10 50.1.1.1 50.1.1.2 prefix-length 24
! dynamic NAT
ip nat inside source list 1 pool VLAN10
! dynamic PAT
ip nat inside source list 1 pool VLAN10 overload
======================================================================
inbound acl from vlan10 to 79.1.1.1
ip access-list extended VLAN10
 permit tcp 10.1.1.0 0.0.0.255 host 79.1.1.1 eq telnet
 permit icmp 10.1.1.0 0.0.0.255 host 79.1.1.1 echo
int f0/0.1
 ip access-group VLAN10 in
======================================================================
ip access-list extended VLAN20
 permit tcp 10.10.2.0 0.0.0.255 host 79.1.1.1 eq 22
int f0/0.2
 ip access-group VLAN20 in
======================================================================
OUT BOUND ACL
ip access-list extended IN-OUT
 permit tcp 50.1.1.0 0.0.0.255 host 79.1.1.1 eq telnet
 permit icmp 50.1.1.0 0.0.0.255 host 79.1.1.1 echo
 permit tcp host 60.1.1.1 host 79.1.1.1 eq 22
int s0/0
 ip access-group IN-OUT out
======================================================================
ACL FOR RETURN TRAFFIC
ip access-list extended BLOCK
 permit tcp host 79.1.1.1 eq 22 60.1.1.0 0.0.0.255
 permit icmp host 79.1.1.1 50.1.1.0 0.0.0.255
 permit tcp host 79.1.1.1 eq telnet 50.1.1.0 0.0.0.255
 permit icmp host 150.1.1.4 host 150.1.1.3 echo-reply
 deny ip any any log
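
Added example, not part of the original notes: a small Python model of why the VLAN10 inbound ACL is written against 10.1.1.0/24 while the IN-OUT outbound ACL is written against 50.1.1.0/24. It assumes the IOS inside-to-outside order of operations (inbound ACL, then NAT, then outbound ACL) and that the first pool address is the one allocated; all function names are hypothetical.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def wild_match(addr, base, wildcard):
    # IOS wildcard mask: a 1 bit means "ignore this bit" (inverse of a netmask).
    w = ip(wildcard)
    return (ip(addr) | w) == (ip(base) | w)

HOST = "0.0.0.0"  # "host X" is shorthand for wildcard 0.0.0.0

# ACEs transcribed from the page: (proto, src, src_wild, dst, dst_wild, qualifier)
VLAN10 = [("tcp", "10.1.1.0", "0.0.0.255", "79.1.1.1", HOST, 23),
          ("icmp", "10.1.1.0", "0.0.0.255", "79.1.1.1", HOST, "echo")]
IN_OUT = [("tcp", "50.1.1.0", "0.0.0.255", "79.1.1.1", HOST, 23),
          ("icmp", "50.1.1.0", "0.0.0.255", "79.1.1.1", HOST, "echo"),
          ("tcp", "60.1.1.1", HOST, "79.1.1.1", HOST, 22)]

def permitted(acl, proto, src, dst, qual):
    # Every entry modelled here is a permit; no match means the implicit deny.
    return any(p == proto and q == qual and wild_match(src, s, sw)
               and wild_match(dst, d, dw) for p, s, sw, d, dw, q in acl)

def nat_inside_source(src):
    # access-list 1 selects 10.1.1.0/24 for translation. Assumption: the first
    # pool address (50.1.1.1) stands in for whatever the router allocates.
    return "50.1.1.1" if wild_match(src, "10.1.1.0", "0.0.0.255") else src

def forward(proto, src, dst, qual):
    """Inside-to-outside path: inbound ACL, then NAT, then outbound ACL."""
    if not permitted(VLAN10, proto, src, dst, qual):
        return ("drop", "VLAN10 in", src)
    translated = nat_inside_source(src)
    if not permitted(IN_OUT, proto, translated, dst, qual):
        return ("drop", "IN-OUT out", translated)
    return ("forward", "s0/0", translated)

if __name__ == "__main__":
    # Constructed sample packets from a VLAN 10 host.
    print(forward("tcp", "10.1.1.5", "79.1.1.1", 23))   # telnet: allowed
    print(forward("tcp", "10.1.1.5", "79.1.1.1", 22))   # ssh: not in VLAN10 ACL
```

An outbound ACL written against the pre-NAT 10.1.1.0/24 range would never match on s0/0, because the source has already been translated by the time that ACL is evaluated.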