Controlling Terminal Lines

Hi, based on the questions need to ''log any attempt to connect from R2 to any destination on port 80" and assuming that means to block it the ACL should be like the following:

access-list 107 deny tcp any host 150.1.7.7 eq www log
access-list 107 deny tcp any host 155.1.7.7 eq www log
access-list 107 deny tcp any host 155.1.67.7 eq www log
access-list 107 deny tcp any host 155.1.79.7 eq www log

access-list 107 permit tcp any host 150.1.7.7
access-list 107 permit tcp any host 155.1.7.7
access-list 107 permit tcp any host 155.1.67.7
access-list 107 permit tcp any host 155.1.79.7
access-list 107 deny tcp any any eq www log

Once logged into R9 (I used R9 and R7 as the allowed list) attempting to even telnet to R7 on 80 will be blocked:

R9>telnet 150.1.7.7
Trying 150.1.7.7 ... Open
R7>exit

[Connection to 150.1.7.7 closed by foreign host]
R9>telnet 150.1.7.7 80
Trying 150.1.7.7, 80 ...
% Connections to that host not permitted from this terminal

Comments

Sign In or Register to comment.