No Problemo.... Have fun using ACLs
/Rubeck
"Brian Ipsen" <bipsen@andebakken.dk> wrote in message
news:3f97d698$0$29347$edfadb0f@dread15.news.tele.dk...
> "Kim Rubeck Jensen" <kim@SPAMrubeck.dk> wrote in message
> news:3f977ad2$0$267$4d4eb98e@news.dk.uu.net...
>
> > Fiktivt subnet: 212.32.130.16 /29
> >
> > interface ethernet 0
> > ip address 212.32.130.17 255.255.255.248
> > ip access-group 110 in
> > ip nat outside
> >
> > nterface ethernet 1
> > ip nat inside
> >
> > ip nat inside source list 100 interface Ethernet0 overload
> > ip nat inside source static 172.16.1.10 212.32.130.18
> >
> > access-list 110 deny icmp any any echo
> > access-list 110 permit icmp any any
> > access-list 110 permit tcp any any established
> > access-list 110 permit tcp any host 212.32.130.18 eq 3389
> > access-list 110 permit tcp any host 212.32.130.18 eq 10000
> > access-list 110 permit udp any eq domain any
> > access-list 110 permit tcp any eq ftp-data any
> > access-list 110 deny ip any any
> >
> >
> > access-list 100 permit ip 172.16.1.0 0.0.0.255 any
>
> Lige noget i den stil jeg søgte !!! - mange tak
>
> /Brian
>
>