×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Range of ports to specify in an extended accees-list

Answered Question
Oct 9th, 2003
User Badges:

Is there a way to specify a range of ports at the the end of an extended access-list on a router. I mean something like 'accees-list 101 permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 eq 6000-6016'.

thank you

Correct Answer by osam about 13 years 10 months ago

You can do something like..


ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255



Just play with the "lt" and "gt" parameters.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
osam Thu, 10/09/2003 - 18:04
User Badges:

You can do something like..


ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255



Just play with the "lt" and "gt" parameters.



pleitnes Sun, 10/12/2003 - 17:37
User Badges:

Why not just use the range command?


ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 range 6000 6016


s.


Actions

This Discussion