# Setting up basic ACLs on Cisco 2600



## t_ski (May 8, 2008)

OK, I have a small project I'm working on.  To start with, here's the basic network map:







I'm looking to set up some very basic access control lists for using the router as a firewall.  (This is a requirement for the class I'm doing this for, so don't ask me why I'm not using a regular firewall.)  Since we're only dealing with these three servers (web, email and FTP), we're only concerned with ports 80, 25, 20/21 and 110.  However, Windows ephemeral ports 49151-65535 have to be considered as well.

Here's what I have so far:

```
!Access List #1
!Applied to e0/0
!
Router(config)# access-list 1 permit tcp any eq 80
Router(config)# access-list 1 permit tcp any eq 25
Router(config)# access-list 1 permit tcp any eq 110
Router(config)# access-list 1 permit tcp any eq 20
Router(config)# access-list 1 permit tcp any eq 21
Router(config)# access-list 1 permit tcp any range 49151-65535
Router(config)# access-list 1 deny ip any any
!
!
!end



!Access List #2
!Applied to e0/1
!
Router(config)# access-list 2 permit tcp any eq 80
Router(config)# access-list 2 permit tcp any eq 25
Router(config)# access-list 2 deny tcp any eq 110
Router(config)# access-list 2 permit tcp any eq 20
Router(config)# access-list 2 permit tcp any eq 21
Router(config)# access-list 2 permit tcp any range 49151-65535
Router(config)# access-list 2 permit icmp any any
Router(config)# access-list 2 deny ip any any
!
!
!end
```

Am I on the right track here?  I don't want to be missing something huge.


----------
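Added example, not part of the original post and not a Cisco tool: a small Python check that reads numbered `access-list` lines like the ones posted above and reports three IOS syntax rules they run into (protocol and port matching needs an extended list number, an extended entry needs both a source and a destination, and `range` takes two space-separated ports). The function names, list number 101 and the address 192.0.2.10 are assumptions made for illustration.

```python
import re

# Numbered IPv4 ACL ranges in Cisco IOS. Standard lists match on source address only;
# extended lists can match protocol, source, destination and ports.
EXTENDED = [(100, 199), (2000, 2699)]
PROTOCOLS = {"ip", "tcp", "udp", "icmp"}  # subset, enough for the posted lines
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def take_addr(tok):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D wildcard'; report whether one was found."""
    if tok[:1] == ["any"]:
        del tok[:1]
    elif tok[:1] == ["host"] and len(tok) >= 2:
        del tok[:2]
    elif len(tok) >= 2 and IPV4.match(tok[0]) and IPV4.match(tok[1]):
        del tok[:2]
    else:
        return False
    return True

def take_port(tok, problems):
    """Consume an optional port operator and its operands."""
    if tok[:1] == ["range"]:
        if len(tok) >= 2 and "-" in tok[1]:
            problems.append("range takes two ports separated by a space, not a hyphen")
            del tok[:2]
        else:
            del tok[:3]
    elif tok and tok[0] in ("eq", "gt", "lt", "neq"):
        del tok[:2]

def lint_acl_line(line):
    """Return the problems found in one numbered 'access-list' command."""
    m = re.search(r"access-list\s+(\d+)\s+(?:permit|deny)\s+(.*)", line)
    if not m:
        return []
    num, tok, problems = int(m.group(1)), m.group(2).split(), []
    if not tok or tok[0] not in PROTOCOLS:
        return problems  # source-only (standard-style) entry, not checked here
    tok.pop(0)
    if not any(lo <= num <= hi for lo, hi in EXTENDED):
        problems.append(f"list {num} is not an extended list, so it cannot match protocol or port")
    if not take_addr(tok):
        problems.append("missing source address")
    take_port(tok, problems)
    if not take_addr(tok):
        problems.append("missing destination address")
    take_port(tok, problems)
    return problems

if __name__ == "__main__":
    posted = "Router(config)# access-list 1 permit tcp any range 49151-65535"  # from the post
    fixed = "access-list 101 permit tcp any host 192.0.2.10 eq 80"  # constructed placeholder
    for line in (posted, fixed):
        print(line, "->", lint_acl_line(line) or "ok")
```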

