ccna

rodrypt

hi all...

i have a lite dificulty applying a acl...

the objective is to allow all trafic from r1 lan to r2 lan, but from r2 lan i can only access the server in r1, other trafic like telnet, www, http is blocked


pc1

---

\ /

---

pc4
switch

---

r1

---

r2

---

switch
server1

---

/ \

---

pc3


i used eigrp for protocol it's more plug and play than rip. before i apply any acls i have access to all network, and its working properly...

i tryed to apply the acl to the s 0/0 outbound

access-list 101 permit ip 192.168.50.0 0.0.0.255 host 192.168.30.254
access-list 101 deny ip 192.168.50.0 0.0.0.254 any
access-list 101 deny tcp 192.168.50.0 0.0.0.254 any eq telnet
access-list 101 deny tcp 192.168.50.0 0.0.0.254 any

the problem that i have is that i can't ping from r1 to r2. i tryed to use permits but the result is the same... i can ping the fa 0/0 but e cant ping the lan....

in other attempt i aplyed 2 different acls to the fa 0/0

inbound
access-list 101 permit ip 192.168.50.0 0.0.0.255 host 192.168.30.254
access-list 101 deny ip any any

outbound
access-list 102 permit tcp any any established
access-list 102 permit icmp any any echo-reply
access-list 102 permit icmp any any unreachable

but the result is the same....

what can i do to resolve this problem?

Mishra

Did you figure this problem out?