Simply re-enable the ACL, but change the direction of the ACL when re-enabling it. If you don't see it, the access group used for that interface is 'out', and should be 'in' for that interface. Notice anything odd about G0/0? You should. R1(config-ext-nacl)#20 deny tcp 172.16.0.0 0.0.255.255 host 192.168.0.254 eq ftpĮxit your configuration to default, lets check our config (Save prior to this). R1(config)#ip access-list extended 172_to_192 R1(config)#no ip access-list extended 172_to_192 So, from the output of 'show access-lists', copy the deny statement from the following ACL. R1(config)#ip access-list extended 192_to_10įor the second ACL, the deny statements must be first. Lets check our access lists, then edit them accordingly: Lets fix this.Ĭlose out of any open CLI or Tab, and open R1. There should be rules to permit any, because it's 'deny implicit'. The username and password for the FTP is both 'cisco'. Then two (for most the most part) blank lines, now lets see if we can connect elsewhere. Lets first start off by using FTP to tunnel into a server, so open L2 and connect to it's respective server (172.16.255.254). Using our show commands to diagnose the problem.įor one instance, the IP for the server is incorrect. Tutorial / Walk-through Our scenario starts off with the situation of three addresses being unable to access a server's FTP site.
0 kommentar(er)
