Unanswered Question
Aug 23rd, 2007

I have been trying to get ACLs working on VLAN int's with limited success. I have version 12, advipservices IOS.

The following command allows me to access on port 25

Permit tcp any host eq 25

The following command denies me access, the command should achieve the same???

Permit tcp host host eq 25

Any ideas?


Richard Burts Thu, 08/23/2007 - 10:42


Perhaps I do not understand correctly your question. The first access list will allow any host to access host on TCP port 25. The second access list will allow a specific host on to access host on TCP port 25. So if you are on host then the effect of the access lists is the same. If you are not on host then the second access list denies you access.

If there is some part of the question that I have not addressed then perhaps you can clarify the question?



Jon Marshall Thu, 08/23/2007 - 10:45


If you are sure you are coming from then yes it should work.

Are you absolutely sure this is your source address?


Edit - sorry Rick, cross posting

Joseph W. Doherty Thu, 08/23/2007 - 10:56

Besides Rick's and Jon's suggestions, and since I seem to suffer from IP address and/or IP mask dyslexia, I'll either enable ACL logging or enable debug to see what's happening.
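
Added example, not part of any post in this thread and not Cisco code: a small Python model of how an extended ACL entry is matched, showing why the `any` and `host` forms behave the same only when the packet's real source address equals the one typed, and what happens when a subnet mask is typed where a wildcard mask belongs. The function names and all addresses are constructed for illustration, and only the entry forms seen in the thread (`any`, `host A`, `A WILDCARD`, optional `eq PORT`) are handled.

```python
# Added example: a minimal model of IOS extended-ACL matching (not Cisco code).
# All addresses are constructed documentation-range values.
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard)."""
    t = tok.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    if t == "host":
        return _ip(tok.pop(0)), 0
    return _ip(t), _ip(tok.pop(0))

def parse_ace(line):
    tok = line.lower().split()
    action, proto = tok.pop(0), tok.pop(0)
    src, dst = _addr(tok), _addr(tok)
    port = int(tok[1]) if tok[:1] == ["eq"] else None
    return action, proto, src, dst, port, line

def _hit(spec, ip):
    base, wild = spec
    care = ~wild & 0xFFFFFFFF          # wildcard bits set to 1 are ignored
    return (_ip(ip) & care) == (base & care)

def evaluate(acl, proto, src, dst, dport):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, p, s, d, port, line in map(parse_ace, acl):
        if p in (proto, "ip") and _hit(s, src) and _hit(d, dst) \
                and port in (None, dport):
            return action, line
    return "deny", "implicit deny"

SERVER = "198.51.100.25"               # constructed mail server address
ACL_ANY = [f"Permit tcp any host {SERVER} eq 25"]
ACL_HOST = [f"Permit tcp host 192.0.2.10 host {SERVER} eq 25"]
# Subnet mask typed where a wildcard mask belongs (constructed mistake):
ACL_MASK = [f"Permit tcp 192.0.2.0 255.255.255.0 host {SERVER} eq 25"]

if __name__ == "__main__":
    for name, acl in (("any", ACL_ANY), ("host", ACL_HOST), ("mask", ACL_MASK)):
        for src in ("192.0.2.10", "192.0.2.11"):
            print(name, src, evaluate(acl, "tcp", src, SERVER, 25))
```

A result of `implicit deny` for the `host` form means the packet's source did not match the typed address, which is the case ACL logging or debug on the router would reveal.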

