!
! Remove current access-list 101
no access-list 101
!
! Permit established connections
access-list 101 permit tcp any any established
!
! Permit ssh
access-list 101 permit tcp any host 10.0.0.20 eq 22
access-list 101 permit tcp any host 10.0.0.21 eq 22
access-list 101 permit tcp any host 10.0.0.31 eq 22
access-list 101 permit tcp any host 10.0.0.32 eq 22
access-list 101 permit tcp any host 10.0.0.41 eq 22
access-list 101 permit tcp any host 10.0.0.42 eq 22
access-list 101 permit tcp any host 10.0.0.51 eq 22
access-list 101 permit tcp any host 10.0.0.52 eq 22
access-list 101 permit tcp any host 10.0.0.61 eq 22
!
! Permit email services plus webmail 80
access-list 101 permit tcp any host 10.0.0.20 eq 25
access-list 101 permit tcp any host 10.0.0.20 eq 110
access-list 101 permit tcp any host 10.0.0.20 eq 143
access-list 101 permit tcp any host 10.0.0.20 eq 80
!
! Permit web services
access-list 101 permit tcp any host 10.0.0.41 eq 80
access-list 101 permit tcp any host 10.0.0.51 eq 80
access-list 101 permit tcp any host 10.0.0.41 eq 443
access-list 101 permit tcp any host 10.0.0.51 eq 443
!
! Permit DNS
access-list 101 permit tcp any host 10.0.0.41 eq 53
access-list 101 permit tcp any host 10.0.0.51 eq 53
access-list 101 permit udp any any eq 53
!
! Permit ident to not slow stuff down
access-list 101 permit tcp any any eq 113
!
! Permit high tcp and udp for streaming media
access-list 101 permit tcp any any gt 1023
access-list 101 permit udp any any gt 1023
!
! Deny everything else and send it to the syslog machine
access-list 101 deny ip any any log
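
An added example, not part of the original post: a small first-match evaluator for the extended-ACL forms used in the list above, useful for checking which entry a given packet hits before the list is applied to an interface. The function names, the packet dictionaries and the abbreviated rule set are constructed for illustration; only `any`, `host`, `eq`, `gt`, `established` and `log` are handled, and port operators are assumed to apply to the destination, as they do throughout this list.

```python
# Added example (not from the original post): first-match evaluation for the
# subset of IOS extended-ACL syntax used above (any/host, eq/gt, established).
ACL = """\
access-list 101 permit tcp any any established
access-list 101 permit tcp any host 10.0.0.20 eq 22
access-list 101 permit tcp any host 10.0.0.20 eq 25
access-list 101 permit tcp any host 10.0.0.41 eq 443
access-list 101 permit udp any any eq 53
access-list 101 permit tcp any any gt 1023
access-list 101 permit udp any any gt 1023
access-list 101 deny ip any any log
"""  # abbreviated, constructed copy of the list above, same order

def parse(line):
    t = line.split()[2:]                       # drop "access-list 101"
    rule = {"action": t[0], "proto": t[1], "text": line.strip()}
    i = 2
    for side in ("src", "dst"):
        if t[i] == "any":
            rule[side], i = None, i + 1
        else:                                  # "host A.B.C.D"
            rule[side], i = t[i + 1], i + 2
    rule["op"] = rule["port"] = None
    if i < len(t) and t[i] in ("eq", "gt"):    # destination port operator
        rule["op"], rule["port"], i = t[i], int(t[i + 1]), i + 2
    rule["established"] = "established" in t[i:]
    return rule

def matches(rule, pkt):
    if rule["proto"] not in ("ip", pkt["proto"]):
        return False
    for side in ("src", "dst"):
        if rule[side] and rule[side] != pkt[side]:
            return False
    if rule["op"] == "eq" and pkt["dport"] != rule["port"]:
        return False
    if rule["op"] == "gt" and pkt["dport"] <= rule["port"]:
        return False
    # IOS "established" matches TCP segments with ACK or RST set
    flags = pkt.get("flags", set())
    return not rule["established"] or bool(flags & {"ACK", "RST"})

def first_match(rules, pkt):
    for r in rules:                            # entries are evaluated top down
        if matches(r, pkt):
            return r["action"], r["text"]
    return "deny", "(implicit deny)"

RULES = [parse(l) for l in ACL.splitlines()]
```

Calling `first_match(RULES, pkt)` with a dictionary of `proto`, `src`, `dst`, `dport` and optional `flags` returns the action and the text of the entry that decided it, which makes the reach of the broad `established` and `gt 1023` entries easy to review.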
IOS Access Control List