Question

HI Friends need to allow 192.168.27.55 acl policey

  • 9 September 2014
  • 4 replies
  • 234 views

This policy we need to allow IP:192.168.27.55 only.kindly Help as

Policy: test
entry Deny_53 {
if match all {
source-address 192.168.53.0/24 ;
destination-address 192.168.26.0/24 ;
}
then {
deny ;
count Deny_53 ;
}
}
entry Deny_27 {
if match all {
source-address 192.168.27.0/24 ;
destination-address 192.168.26.0/24 ;
}
then {
deny ;
count Deny_27 ;
}
}
entry Deny_51 {
if match all {
source-address 192.168.51.0/24 ;
destination-address 192.168.26.0/24 ;
}
then {
deny ;
count Deny_51 ;
}
}
entry Permit {
if match all {
source-address 0.0.0.0/0 ;
}
then {
permit ;
}
}
Number of clients bound to policy: 1
Client: acl bound once

4 replies

Userlevel 6
Hello Mohammed

I don't understand what you need to do. I see the specific denies for the source and destination ranges. Then you have an explicit permit which should let everything else through.

Do you need the specific IP going to a specific host?

Thanks
P
hallow Paul
I need allow specific host access 192.168.26.0 network
Userlevel 6
ok so all we need to do is put two permits at the beginning of the policy something like this

entry Permit_26 {
if match all {
source-address 192.168.27.55/32 ;
destination-address 0.0.0.0/0 ;
}
then {
permit ;
count permit_26 ;
entry permit_26_2 {
if match all {
source-address 0.0.0.0/0 ;
destination-address 192.168.27.55/32 ;
}
then {
permit ;
count permit_26_2;

put these before the denies. this will allow traffic to and from that host

P
thanks paulthat problem is solved

Reply