Anna Van Dyke's TCS

Click on picture to return to home

       ACL Implementation 

                                           at 

                                    Desert View

Setting up the Access List

 I used and extended access lest, keeping students who should have a binary bit in the “2” position of the third octet from anything except email (smtp, port 25) and http (port 80), while logging all problems. I used two permit statements one for each protocol, and let the implicit deny any any do it’s work at the end to keep students from other types of access. This access list would work on any school router with the IP addressing scheme set up for the school district. This was don’t in global configuration mode.

DesertView (config)# access-list 101 permit tcp 133.100.2.0 0.0.2.255 133.100.4.0 0.0.6.255 eq 25 log

access-list 101 permit tcp  133.100.2.0 0.0.2.255 133.100.4.0 0.0.6.255 eq 80 log

  Applying the Access List

I applied the extended ACL in the interface configuration mode of the gateway to the student/curriculum side of the  router at Desert View.

 DesertView(config-if)# access-group 101 in

Authored by Anna J. Van Dyke 
Revised: May 28, 2001 .