Packet tracer & ACL help

Discussion in 'Routing & Switching' started by griffin84, May 4, 2012.

  1. griffin84

    griffin84 New Member

    Evening, first time poster long long time lurker,

    I am completing a project in college and I am stuck at part of the implementation stage
    where I need to create (what I think is an ACL) some sort of access/deny list,
    so that on my network (one router, two switches, all Cisco devices) the users on one side
    cannot access the admin side of the network. I would be grateful if anyone could point
    me in the right direction, and forgive my ignorance. Thanks in advance though :oops:
    Certifications: Hnd IT Support, Hnc IT support, Mcdst, A+
    WIP: Bsc Networking
  2. Coupe2T

    Coupe2T Megabyte Poster

    From what you have given, an ACL sounds like the plan. There are plenty of resources to show how to set up an ACL, but basically you need to set it up in the interface config I believe. I can't recall the command off the top of my head, but you need to create an ACL name/number and then you can simply permit or deny specific IPs etc.

    I've only limited knowledge of ACLs though, not used them myself. Google it though and I'm sure you will find the commands pretty quickly, or someone else on here may be able to expand further for you.
    Certifications: ECDL, Does that Count!?!
    griffin84 likes this.
  3. sammy_bibs

    sammy_bibs Bit Poster

    It would be super helpful if you posted up your configs, but the solution to this may not be access-lists. This sounds like a typical Cisco scenario where they want you to keep two departments' traffic separated from each other. The method I would go with is to use separate VLANs for each department. Put all your users in, say, VLAN 10 and your admin department in VLAN 12. This will separate them into two different collision domains whilst still keeping them in the same layer three subnet design.

    Like always, there are many ways to do this, and access-lists will work, but I am assuming you're using L2 switches, in which case you would have to create MAC access-lists, but it would be somewhat of a brute force approach to the problem.

    Look up VLANs, and filter as needed, job done! See link:

    Basic VLAN Configuration Tutorial for Cisco CCNA | CCNA Study Guide and Computer Tips
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
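
The two suggestions in this thread (an ACL and separate VLANs) can be combined on the one-router, two-switch lab described in the first post. The following is an added example, not a config posted by anyone in the thread; the interface names, the ACL name USERS-IN and the addressing (one subnet per VLAN, routed on the router) are constructed assumptions.

```cisco
! --- Switch (constructed port numbers; repeat on the second switch) ---
vlan 10
 name USERS
vlan 12
 name ADMIN
!
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 12
!
interface GigabitEthernet0/1
 description trunk to router
 switchport mode trunk
!
! --- Router (router-on-a-stick; assumed subnets, one per VLAN) ---
! users = VLAN 10, 192.168.10.0/24   admin = VLAN 12, 192.168.12.0/24
interface GigabitEthernet0/0
 no shutdown
!
interface GigabitEthernet0/0.10
 description USERS gateway
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
 ! filter traffic as it enters the router from the user VLAN
 ip access-group USERS-IN in
!
interface GigabitEthernet0/0.12
 description ADMIN gateway
 encapsulation dot1Q 12
 ip address 192.168.12.1 255.255.255.0
!
ip access-list extended USERS-IN
 remark allow replies to TCP sessions the admin side opened
 permit tcp 192.168.10.0 0.0.0.255 192.168.12.0 0.0.0.255 established
 remark block everything else from users to admin
 deny ip 192.168.10.0 0.0.0.255 192.168.12.0 0.0.0.255
 remark an ACL ends in an implicit deny, so permit the rest explicitly
 permit ip any any
!
! Verify from privileged EXEC:
!   show access-lists USERS-IN
!   show ip interface GigabitEthernet0/0.10
```

Without the `established` entry the deny line also drops the user hosts' replies to connections opened from the admin side; ping replies from users to admin are still dropped by this list.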
