Dear All,
I am using Remote-VPN to connect to my workplace, but I want to limit that user to be able to access only two servers, 172.16.10.45 and 172.16.10.46 (web/80). For that I created an ACL, but it's not working; I can access all services on these systems. My WAN interface is fa0, and when I connect to the workplace, the pool assigns me IP address 192.168.81.10. The ACL is implemented on fa0 in, whereas the servers are on fa1.1 (VLAN 1).
ip access-list extended webout
 permit tcp any 192.168.81.0 0.0.0.255 established
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.45 eq www
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.45 eq 8080
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 eq www
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 range 8080 8099
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 range 3380 3390
 deny ip any any
Where is the problem?