srk2016
New Contributor

Having an issue with an IP access list that is supposed to only allow certain sites and deny everything else. With the list enforced, all traffic is blocked. I have the ACL tied to the correct security zone/policy. Just trying to find out why it is not working.

Here is some of my configuration:

interface vlan 1
  ip address  10.10.10.1  255.255.255.0
  ip access-policy Private
  ip route-cache express
  no shutdown
!
interface vlan 2
  description Vlan 2
  ip address  xxx.xxx.xxx.xxx
  ip mtu 1500
  ip access-policy Public
  no rtp quality-monitoring
  no awcp
  no ip route-cache express
  no shutdown
!
!
!
!
!
!
ip access-list standard wizard-ics
  remark Internet Connection Sharing
  permit any log
!
!
ip access-list extended ALLOWED_SITES
  permit ip any  xx.xx.xx.xx
  deny   ip any  any
!
ip access-list extended self
  remark Traffic to NetVanta
  permit ip any  any     log
!
ip access-list extended web-acl-5
  remark Allowed Websites
!

0 Kudos
3 Replies
jayh
Honored Contributor

Re: Having an issue with an IP access list that is supposed to only allow certain sites and deny everything else. With the list enforced, all traffic is blocked. I have the ACL tied to the correct security zone/policy. Just trying to find out why it is not working

We need more of the configuration, specifically the Public and Private ip policy-class statements.

srk2016
New Contributor

Here you go. I am still unable to get this to work properly.

ip policy-class Private
  allow list self self
  nat source list ALLOWED_SITES interface vlan 2 overload
!
ip policy-class Public
  allow list wizard-remote-access self
!
!

Anonymous
Not applicable

As this could be a few different issues, it would be best for you to post your complete configuration (redacted) or open a Tech Support Ticket so that we can assist you. You can use the link below to open a support ticket.

http://portal.adtran.com/web/page/portal/Adtran/wp_support_openasupportcase



Regards,

Donna