LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux > Linux - Security
Reload this Page Apache and CISCO ACL ?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Thread Tools
Old 11-02-2008, 01:47 AM   #1
Ammad
Member
 
Registered: Apr 2004
Distribution: redhat 9.0, fc4, redhat as 4
Posts: 416
Thanked: 0
Apache and CISCO ACL ?

[Log in to get rid of this advertisement]
Dear All,

is there difference between apache 80 and IIS 80 port, i have two webservers, one 172.16.10.45 (Windows IIS) and 172.16.10.46 (Xampp Windows). when i enable ACL on cisco and limit 192.168.81/24 to only access web ports. after ACL on cisco i can access IIS, but Apache system is not accessable. both IIS and Apache are running on 80. when i remove the ACL from interface, i can browse the website. strange behaviour.

Code:
ip access-list extended webout
 permit tcp any 192.168.81.0 0.0.0.255 established
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.45 eq www
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.45 eq 8080
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 eq www
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 range 8080 8099
 permit tcp 192.168.81.0 0.0.0.255 host 172.16.10.46 range 3380 3390
 deny ip any any
Ammad is offline     Reply With Quote
Old 11-02-2008, 02:13 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 32,420
Thanked: 102
at this level there is absolutely no difference, maybe you're using https instead of http? from a client run tcpdump while doing this and we'll see exactly what's going on. also useful to telnet directly to port 80 rather than lose visibility through a browser.
acid_kewpie is offline     Reply With Quote

Reply

Bookmarks


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cisco 831 Cisco Router and Cable Modem metallica1973 Linux - Networking 3 07-14-2008 08:00 PM
iptables acl versus cisco acl id_viorel Linux - Security 1 04-09-2008 05:00 AM
apache - ACL lists clue_less Red Hat 2 11-10-2007 12:25 AM
coments on comparison of Iptables and cisco ios acl farhan Linux - Security 1 05-17-2005 07:37 AM
Connect to Cisco VPN w/o Cisco VPN Client gboutwel Linux - Networking 4 02-07-2003 12:46 PM


All times are GMT -5. The time now is 12:29 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - LinuxQuestions.org - Home
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
RSS2  LQ Podcast
RSS2  LQ Radio
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration