Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
2
Replies

ACL ordering issue.

stevek1
Level 1
Level 1

‎08-21-2007 01:36 PM - edited ‎03-03-2019 06:24 PM

Has anybody seen an issue such as below with ACL ordering?

I had the following ACL configured:

ip access-list extended QPM_WindowsSMB

permit tcp any eq 445 any

permit tcp any any eq 445

I noticed I wasn't getting any hits on the second line.

I changed the order of the first 2 elements and I started to get hits on both.

BTW, I upgraded the router IOS to 12.4(15)T1 on the weekend. Could this be a bug with this new software?

Cheers, SteveK.

Labels:
0 Helpful
2 Replies 2

royalblues
Level 10
Level 10

‎08-21-2007 01:49 PM

None that i know of

It basically depends upon the traffic flow

As per the posted list, the first statement is trying to match the trafffic that has a source port of 445 and destination any

The second entry is doing the reverse.

Narayan

0 Helpful

jwdoherty
Level 1
Level 1

‎08-21-2007 04:16 PM

Another possibility is that any TCP traffic with a destination of port 445 always has a source port of 445. Assuming you didn't see this on your prior IOS, one would tend to suspect the new code.

You could turn on/off flow cache, and/or on/off compiled ACLs (if supported on your platform), and/or try a number access list and see if there's a change in behavior.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card