01-14-2013 12:01 PM
I have created the following ACL and applied it, but I am not denying traffic that should be denied.
Any ideas would be greatly appreciated.
I have an ASA5550 plugged into port 7/19. I have clients that VPN in and are given an IP address, and I am trying to deny them complete access.
But if I test from home I get the right IP address, 192.168.98.225, and I can get to 99.253 no problem. But I can also get to anything else on that IP range as well.
This is a big flat network, 192.168.96.0 /22 (I didn't design it, just have to deal with it).
interface ve 2
ip access-group datacasting in ethe 7/19
ip access-list extended datacasting
permit ip 192.168.98.208 0.0.0.15 host 192.168.99.222 log
permit ip 192.168.98.208 0.0.0.15 host 192.168.99.223 log
permit ip 192.168.98.224 0.0.0.7 host 192.168.99.253 log
deny ip 192.168.98.208 0.0.0.15 any log
deny ip 192.168.98.224 0.0.0.7 any log
permit ip any any log
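
An added example, not part of the original post: a small first-match evaluator for the ACL entries above, assuming standard extended-ACL semantics (entries checked top-down, first match wins, a 1 bit in the wildcard mask means "ignore this bit"). It shows which entry a source/destination pair hits when a packet really is evaluated against this list. The function names and every test address other than 192.168.98.225 and 192.168.99.253 are constructed for illustration.

```python
import ipaddress

# ACL entries copied from the post above; the trailing "log" keyword is dropped.
ACL = """\
permit ip 192.168.98.208 0.0.0.15 host 192.168.99.222
permit ip 192.168.98.208 0.0.0.15 host 192.168.99.223
permit ip 192.168.98.224 0.0.0.7 host 192.168.99.253
deny ip 192.168.98.208 0.0.0.15 any
deny ip 192.168.98.224 0.0.0.7 any
permit ip any any
"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _take_addr(tokens):
    """Consume one address spec and return (base, wildcard) as integers."""
    head = tokens.pop(0)
    if head == "any":
        return 0, 0xFFFFFFFF          # every bit ignored
    if head == "host":
        return _ip(tokens.pop(0)), 0  # every bit compared
    return _ip(head), _ip(tokens.pop(0))

def parse(acl_text):
    rules = []
    for line in acl_text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        action, _proto = tokens.pop(0), tokens.pop(0)
        rules.append((action, _take_addr(tokens), _take_addr(tokens)))
    return rules

def _match(addr, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF     # bits that must be equal
    return (addr & care) == (base & care)

def evaluate(rules, src, dst):
    """Return (action, 1-based entry number) of the first matching entry."""
    s, d = _ip(src), _ip(dst)
    for number, (action, rule_src, rule_dst) in enumerate(rules, 1):
        if _match(s, rule_src) and _match(d, rule_dst):
            return action, number
    return "deny", None               # implicit deny at the end (assumed)

RULES = parse(ACL)

if __name__ == "__main__":
    # Constructed test pairs: two from inside the listed ranges, one just outside.
    for src, dst in [("192.168.98.225", "192.168.99.253"),
                     ("192.168.98.225", "192.168.99.10"),
                     ("192.168.98.232", "192.168.99.10")]:
        print(src, "->", dst, evaluate(RULES, src, dst))
```

The two listed source ranges cover 192.168.98.208 through 192.168.98.231 only; a client address outside that span falls through to the final `permit ip any any` entry.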