Cisco Catalyst 6500 Series Configuration Manual page 188

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services

Chapter 10
Controlling Network Access with Access Control Lists
Access Control List Overview
For example, suppose you want to apply an ACL to the inbound direction of the inside interface. You configure
the FWSM to perform NAT on the inside source addresses when they access outside addresses. Because
the ACL is applied to the inside interface, the source addresses are the original untranslated addresses.
Because the outside addresses are not translated, the destination address used in the ACL is the real
address (see Figure 10-1).
Figure 10-1 IP Addresses in ACLs: NAT Used for Source Addresses
[Figure: inside network 10.1.1.0/24, outside host 209.165.200.225. Inbound ACL on the inside interface: permit from 10.1.1.0/24 to 209.165.200.225. PAT: 10.1.1.0/24 to 209.165.201.4:port.]
See the following commands for this example:
FWSM/contexta(config)# access-list INSIDE extended permit ip 10.1.1.0 255.255.255.0 host 209.165.200.225
FWSM/contexta(config)# access-group INSIDE in interface inside
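
The following Python model is an added example, not part of the Cisco guide: it parses the subset of the access-list syntax used above and evaluates it against a packet as it arrives on the inside interface, before PAT. The host 10.1.1.25 is a constructed sample address, and WRONG_ACL is a hypothetical misconfiguration written against the PAT address 209.165.201.4 instead of the real source network.

```python
import ipaddress

def parse_addr(tokens):
    """Consume one address spec: 'any', 'host A', or 'NET MASK'."""
    if not tokens:
        raise ValueError("missing address")
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def parse_ace(line):
    """Parse 'access-list NAME extended permit|deny ip SRC DST' (subset only)."""
    t = line.split()
    if len(t) < 7 or t[0] != "access-list" or t[2] != "extended" or t[4] != "ip":
        raise ValueError(f"unsupported entry: {line}")
    src, rest = parse_addr(t[5:])
    dst, rest = parse_addr(rest)
    if rest or t[3] not in ("permit", "deny"):
        raise ValueError(f"unsupported entry: {line}")
    return t[3], src, dst

def acl_permits(aces, src, dst):
    """First matching entry decides; a packet matching no entry is denied."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in map(parse_ace, aces):
        if s in src_net and d in dst_net:
            return action == "permit"
    return False  # implicit deny at the end of every ACL

# Constructed sample packet for the Figure 10-1 topology.
REAL_SRC = "10.1.1.25"        # inside host, untranslated (assumed address)
PAT_ADDR = "209.165.201.4"    # address the source is translated to by PAT
DST = "209.165.200.225"       # outside host, not translated

PAGE_ACL = ["access-list INSIDE extended permit ip "
            "10.1.1.0 255.255.255.0 host 209.165.200.225"]
# Hypothetical mistake: source written as the translated (PAT) address.
WRONG_ACL = [f"access-list INSIDE extended permit ip host {PAT_ADDR} host {DST}"]

def inbound_inside(aces):
    """Inbound on the inside interface, the ACL sees the untranslated source."""
    return acl_permits(aces, REAL_SRC, DST)

if __name__ == "__main__":
    print("page ACL permits:", inbound_inside(PAGE_ACL))
    print("PAT-address ACL permits:", inbound_inside(WRONG_ACL))
```

With the PAT address as the source, no entry matches the arriving packet, so the implicit deny drops traffic the administrator meant to allow.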
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
10-8
OL-6392-01
