The Cisco router ACL was configured by someone else. So what i want to do is i would like to give one user to access all ports incoming and outgoing.
when i tried like this
#access-list 101 permit any host 192.168.20.146 host 192.168.20.254
192.168.20.254 //the router interface
192.168.20.146 //the user IP address
what did i do wrong on that command?
what is the correct way to give that user the full permission?
Thanks,
What you've done is allowed all traffic from the source .146 to the destination .254. What you need to do is to allow all traffic from the source .146 to any destination. You don't need to use an extended access list for something this simple, you could use a standard access list like this:
access-list 10 permit 192.168.20.146
This isn't really enough information to fully answer your question without knowing where the ACL is actually applied and in what direction(s), but as far as syntax for an extended ACL:
access-list 101 permit ip source destination
Somewhere before corresponding deny entries in the ACL, if you're wanting completely open access both directions (and again depending on if the ACL is applied input/output or to both incoming and outgoing ports), you would want:
access-list 101 permit ip host 192.168.20.146 any
access-list 101 permit ip any host 192.168.20.146