Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
269
Views
0
Helpful
2
Replies

ip extended ACL

dporod
Level 1
Level 1

‎03-04-2009 12:24 PM - edited ‎03-06-2019 04:23 AM

When looking at one of our ACLs I sometimes see the port number after the source instead of the destination. Such as:

permit udp any eq 1434 any

What is the difference between putting the port after the source and after the destination?

Labels:
0 Helpful
2 Replies 2

adamclarkuk_2
Level 4
Level 4

‎03-04-2009 12:39 PM

What you are matching there is

Any source IP on udp port 1434 only

to

Any destination IP on any udp port number

So you can see with extended ACL's you can get really granular.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to adamclarkuk_2

‎03-04-2009 02:50 PM

Dave

The difference is whether the access list will check the source port of the packet (if you specify the port after the source address and mask) or check the destination port (if you specify the port after the destination address and mask).

HTH

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card