Hi,
I have a Cisco 2612 router with IOS Version 12.3(19). I believe I have most of the router configured correctly but I am having trouble with my ACLs. When I have just one access group applied everything seems to work fine. But when I try to apply both access groups on e1/0, everything is denied.
I've been working on this for the last week to no avail. I have spent many hours searching for the solution, and I'm sure I'm making this harder than it is. Any help or pointers in the right direction will be very much appreciated.
Building configuration...
Current configuration : 2404 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Pkga$fnM8qg2ikzQllQ7Dcffbb.
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain name company.com
ip host company 10.0.0.3 172.16.0.1
ip name-server 10.0.0.2
!
!
!
!
!
interface Ethernet0/0
 description 10.0.0.0 Network
 ip address 10.0.0.3 255.255.255.0
 full-duplex
!
interface TokenRing0/0
 no ip address
 shutdown
 ring-speed 16
!
interface Ethernet1/0
 description 172.16.0.0 Network
 ip address 172.16.0.1 255.255.255.0
 ip access-group 100 in
 ip access-group 101 out
 full-duplex
!
router rip
 network 10.0.0.0
 network 172.16.0.0
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.1
!
!
access-list 100 permit tcp any any eq www
access-list 100 permit tcp any any eq smtp
access-list 100 permit udp any any eq domain
access-list 100 permit udp any eq domain any
access-list 100 permit tcp any any eq domain
access-list 100 permit tcp any eq domain any
access-list 101 permit tcp host x.x.58.16 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.2.229 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.234.77 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.204.13 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.19.50 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.69.239 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.82.71 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.212.93 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.212.194 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.98.114 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.210.155 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.38.205 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.88.20 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.254.100 host 172.16.0.2 eq 22
access-list 101 permit tcp host x.x.133.150 host 172.16.0.2 eq 22
access-list 101 permit tcp any any established
no cdp run
banner motd ^C This is a secure system, authorized access ONLY! ^C
!
line con 0
 password pass
 login
line aux 0
 password pass
line vty 0 4
 password pass
 login
!
!
end
Thanks,
Dustin
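Added example, not part of the original post: a minimal first-match model of the two posted access lists as applied on Ethernet1/0, run over both directions of three flows to show which direction reaches the implicit deny at the end of each list. The addresses 198.51.100.16, 172.16.0.10 and 203.0.113.80 and all source ports are constructed stand-ins, and only one of the fifteen masked host entries of list 101 is modelled.

```python
# Added example. Entry = (proto, src, sport, dst, dport, established); None = any.
ADMIN = "198.51.100.16"   # constructed stand-in for one masked x.x.* host
SERVER = "172.16.0.2"
LAN_PC = "172.16.0.10"    # constructed host on the 172.16.0.0 network
WEB = "203.0.113.80"      # constructed outside web server
DNS = "10.0.0.2"          # ip name-server from the posted config
ACL_100_IN = [   # "in" on Ethernet1/0: packets arriving from 172.16.0.0/24
    ("tcp", None, None, None, 80, False),
    ("tcp", None, None, None, 25, False),
    ("udp", None, None, None, 53, False),
    ("udp", None, 53, None, None, False),
    ("tcp", None, None, None, 53, False),
    ("tcp", None, 53, None, None, False),
]
ACL_101_OUT = [  # "out" on Ethernet1/0: packets routed toward 172.16.0.0/24
    ("tcp", ADMIN, None, SERVER, 22, False),   # one of the host ... eq 22 entries
    ("tcp", None, None, None, None, True),     # permit tcp any any established
]
def permits(acl, p):
    """True if a permit entry matches; otherwise the implicit deny applies."""
    for proto, src, sport, dst, dport, est in acl:
        if proto != p["proto"]:
            continue
        if src not in (None, p["src"]) or dst not in (None, p["dst"]):
            continue
        if sport not in (None, p["sport"]) or dport not in (None, p["dport"]):
            continue
        # "established" matches only TCP segments with ACK or RST set
        if est and not ({"ACK", "RST"} & p["flags"]):
            continue
        return True
    return False

def pkt(proto, src, sport, dst, dport, *flags):
    return dict(proto=proto, src=src, sport=sport, dst=dst, dport=dport, flags=set(flags))

def flow_results():
    return {
        "ssh_syn_to_server": permits(ACL_101_OUT, pkt("tcp", ADMIN, 40000, SERVER, 22, "SYN")),
        "ssh_synack_from_server": permits(ACL_100_IN, pkt("tcp", SERVER, 22, ADMIN, 40000, "SYN", "ACK")),
        "dns_query_from_lan": permits(ACL_100_IN, pkt("udp", LAN_PC, 33000, DNS, 53)),
        "dns_reply_to_lan": permits(ACL_101_OUT, pkt("udp", DNS, 53, LAN_PC, 33000)),
        "web_syn_from_lan": permits(ACL_100_IN, pkt("tcp", LAN_PC, 41000, WEB, 80, "SYN")),
        "web_synack_to_lan": permits(ACL_101_OUT, pkt("tcp", WEB, 80, LAN_PC, 41000, "SYN", "ACK")),
    }

if __name__ == "__main__":
    for name, ok in flow_results().items():
        print(f"{name:24} {'permit' if ok else 'deny'}")
```

In this model the SSH reply from 172.16.0.2 (source port 22) matches nothing in list 100, and the UDP DNS reply matches nothing in the all-TCP list 101, so both fall through to the implicit deny.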