09-02-2012 07:58 PM - edited 03-07-2019 08:39 AM
Hi everybody.
Let say a host 199.199.199.3 wants to telnet to 199.199.199.2
Assume the router containing the ACL as shown below decides to fragment the packet into three, f1,f2,f3
First F1 matches the first ACL so it is dropped.Remaining non inital fragments will be dropped too because the first acl matches the only layer 3 information in non initial fragments
Is my understanding correct?
access-list 199 deny tcp any host 199.199.199.2 eq 23
access-list 199 permit tcp any host 199.199.199.
thanks
Solved! Go to Solution.
09-02-2012 08:44 PM
Hi Sarah:
Correct, since the first access list statement denies 199.199.199.2, the rest of the statement in the list is skipped and the packet is dropped.
HTH
09-02-2012 08:44 PM
Hi Sarah:
Correct, since the first access list statement denies 199.199.199.2, the rest of the statement in the list is skipped and the packet is dropped.
HTH
09-02-2012 09:14 PM
thanks Reza
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide