CCNA ACL Study question

Answered Question
May 14th, 2007
User Badges:

Access-list


access-list 107 deny tcp 207.16.12.0 0.0.3.255 any eq http

access-list 107 permit ip any any


The wildcard 0.0.3.255 is a block size of 4, the 3rd octet will block anything from 12-15 and application http(80)


My quesion is with the ip any any this source ip 207.16.16.14 port 53 should be allowed? The book i have shows that it is denied?

Correct Answer by mounir.mohamed about 9 years 10 months ago

Dear s-jordan,


Yes 207.16.16.14 port 53 permitted, the first line of the ACL only deny HTTP traffic sourced by 207.16.12.0/22 toward any destination, Extended access control lists is a packet filtering methodology which is inspect the traffic to permit/deny flow (Source& destination address + source and destination port)from UP to Down So if there is a traffic sourced from 207.16.12.0/22 port 53 toward any will permitted, ANY TRAFFIC FLOW WILL BE PERMITTED else the first line.


Please rate helpful posts.


Best Regards,

Mounir Mohamed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
mounir.mohamed Tue, 05/15/2007 - 04:12
User Badges:
  • Gold, 750 points or more

Dear s-jordan,


Yes 207.16.16.14 port 53 permitted, the first line of the ACL only deny HTTP traffic sourced by 207.16.12.0/22 toward any destination, Extended access control lists is a packet filtering methodology which is inspect the traffic to permit/deny flow (Source& destination address + source and destination port)from UP to Down So if there is a traffic sourced from 207.16.12.0/22 port 53 toward any will permitted, ANY TRAFFIC FLOW WILL BE PERMITTED else the first line.


Please rate helpful posts.


Best Regards,

Mounir Mohamed

Actions

This Discussion