Problem with access list
Posted: Wed Aug 27, 2014 1:38 pm
by hkcsser
I want to block all outgoing traffic except to one IP, so that my VPN client can only access that IP.
What should I do with the access list?
Re: Problem with access list
Posted: Thu Sep 11, 2014 4:55 am
by thisjun
Please add the following three rules.
1. Allow packets destined for the IP.
2. Allow packets from the IP.
3. Deny all packets.
Re: Problem with access list
Posted: Tue Oct 07, 2014 9:10 am
by hkcsser
thisjun wrote:
> Please add the following three rules.
>
> 1. Allow packets destined for the IP.
> 2. Allow packets from the IP.
> 3. Deny all packets.
It doesn't work! The client cannot connect, as it denies the packet transfer to the client.
Re: Problem with access list
Posted: Tue Oct 14, 2014 9:45 pm
by sdevries.otn
Been going through this myself.
The problem with those 3 rules is that rule 3 discards everything, including DNS and DHCP requests!
Make sure you also allow to/from your DNS server and/or DHCP server over the correct port numbers.
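
The effect discussed in this thread can be checked with a small model of an access list. This is an added example, not part of any post and not the VPN product's own code; it assumes first-match rule evaluation with a default of pass, and all addresses and ports in the sample packets are constructed.

```python
from ipaddress import ip_address, ip_network

ANY = "0.0.0.0/0"
ALLOWED = "203.0.113.10/32"  # constructed: the single IP clients may reach
DNS = "192.0.2.53/32"        # constructed: DNS server address

def rule(action, src=ANY, dst=ANY, proto=None, sport=None, dport=None):
    return dict(action=action, src=ip_network(src), dst=ip_network(dst),
                proto=proto, sport=sport, dport=dport)

def pkt(src, dst, proto, sport, dport):
    return dict(src=ip_address(src), dst=ip_address(dst),
                proto=proto, sport=sport, dport=dport)

def decide(rules, p):
    """Return the action of the first rule that matches packet p."""
    for r in rules:
        if (p["src"] in r["src"] and p["dst"] in r["dst"]
                and r["proto"] in (None, p["proto"])
                and r["sport"] in (None, p["sport"])
                and r["dport"] in (None, p["dport"])):
            return r["action"]
    return "pass"  # assumption: unmatched packets pass

# The three rules from the thread: DNS and DHCP fall through to the deny.
THREE_RULES = [rule("pass", dst=ALLOWED), rule("pass", src=ALLOWED), rule("deny")]

# Same list with DNS and DHCP allowed ahead of the final deny.
WITH_DNS_DHCP = [
    rule("pass", dst=ALLOWED),
    rule("pass", src=ALLOWED),
    rule("pass", dst=DNS, proto="udp", dport=53),   # DNS query
    rule("pass", src=DNS, proto="udp", sport=53),   # DNS reply
    rule("pass", proto="udp", sport=68, dport=67),  # DHCP client to server
    rule("pass", proto="udp", sport=67, dport=68),  # DHCP server to client
    rule("deny"),
]

SAMPLES = {  # constructed packets as seen from a VPN client
    "allowed_ip": pkt("10.0.0.5", "203.0.113.10", "tcp", 50000, 443),
    "dns_query": pkt("10.0.0.5", "192.0.2.53", "udp", 50001, 53),
    "dhcp_discover": pkt("0.0.0.0", "255.255.255.255", "udp", 68, 67),
    "other_host": pkt("10.0.0.5", "198.51.100.7", "tcp", 50002, 80),
}

def evaluate(rules):
    return {name: decide(rules, p) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    print("three rules:  ", evaluate(THREE_RULES))
    print("with DNS/DHCP:", evaluate(WITH_DNS_DHCP))
```
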