02-19-2009 03:35 PM - edited 03-11-2019 07:53 AM
Is there a command to allow a range of ports or all ports to pass through? I can allow individual ports with an eq statement (eq smtp, eq 3389, etc.), but I need to allow a wide range (or all)from one specific IP address through to one specific server. Thanks.
02-19-2009 03:44 PM
yes, you can use the range command.
eg:
access-list dmz_access_in extended permit tcp host WEB host EXT-WEB range 8500 9000
02-20-2009 05:52 AM
Thanks! Just curious - is there a command to allow all ports or do you just need to expand the range to incluse all?
02-20-2009 09:43 AM
For all tcp ports just do...
access-list dmz_access_in extended permit tcp host WEB host EXT-WEB
or all udp ports...
access-list dmz_access_in extended permit udp host WEB host EXT-WEB
or both
access-list dmz_access_in extended permit ip host WEB host EXT-WEB
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: