CCNA ACL Study question

Answered Question
May 14th, 2007

Access-list

access-list 107 deny tcp 207.16.12.0 0.0.3.255 any eq http

access-list 107 permit ip any any

The wildcard 0.0.3.255 is a block size of 4, the 3rd octet will block anything from 12-15 and application http(80)

My quesion is with the ip any any this source ip 207.16.16.14 port 53 should be allowed? The book i have shows that it is denied?

I have this problem too.
0 votes
Correct Answer by mounir.mohamed about 9 years 6 months ago

Dear s-jordan,

Yes 207.16.16.14 port 53 permitted, the first line of the ACL only deny HTTP traffic sourced by 207.16.12.0/22 toward any destination, Extended access control lists is a packet filtering methodology which is inspect the traffic to permit/deny flow (Source& destination address + source and destination port)from UP to Down So if there is a traffic sourced from 207.16.12.0/22 port 53 toward any will permitted, ANY TRAFFIC FLOW WILL BE PERMITTED else the first line.

Please rate helpful posts.

Best Regards,

Mounir Mohamed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
mounir.mohamed Tue, 05/15/2007 - 04:12

Dear s-jordan,

Yes 207.16.16.14 port 53 permitted, the first line of the ACL only deny HTTP traffic sourced by 207.16.12.0/22 toward any destination, Extended access control lists is a packet filtering methodology which is inspect the traffic to permit/deny flow (Source& destination address + source and destination port)from UP to Down So if there is a traffic sourced from 207.16.12.0/22 port 53 toward any will permitted, ANY TRAFFIC FLOW WILL BE PERMITTED else the first line.

Please rate helpful posts.

Best Regards,

Mounir Mohamed

Actions

This Discussion