ACL

Unanswered Question
Jon Marshall Tue, 07/07/2009 - 11:34
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Ali


access-list Mail-ACL-out extended permit tcp host 209.165.200.231 eq pop3 any


means allow the host/server 209.165.200.31 to send TCP packets with the source port of pop3 to any destination address on any address


access-list Mail-ACL-out extended permit tcp host 209.165.200.231 any eq pop3


means allow the host/server 209.165.200.31 to send TCP packets with a source port of any to any destination address with a destination port of pop3.


If 209.165.200.231 is your POP server then the first one is probably what you want.


Jon

Istvan_Rabai Tue, 07/07/2009 - 22:51
User Badges:
  • Gold, 750 points or more

Hi Ali,


The generalized format of tcp access-lists is the following:


permit | deny tcp (source address or address range) [source port or port range] (destination address or address range) [destination port or port range] [options]


Cheers:

Istvan

Actions

This Discussion