Sorry if I was not clear. I have seen others using permit ip host 172.xx.xx.xx 23 host 192.168.xx.0 2000 and some use it like
permit tcp 172.xx.xx.xx 23 host 192.168.xx.0 2000, so that's what confuses me. There may be an explanation for me to better understand.
Let me ask a question about a firewall rule.
Which answer is right and why?
Permit tcp host 10.10.10.254 eq 80 host 10.10.0.2 eq 5000
Permit IP host 10.10.10.254 eq host 10.10.0.2 eq 5000
Which would be the right way to use and why?
Do you have a real example? I assume that the 23 and 2000 should be ports which were allowed with "tcp" when you also use the keyword "eq". With "ip" there are no ports allowed. So it would be really important to know what you are referring to.
-- Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
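
The point made in the reply above (port operators such as "eq" belong with "tcp", not with "ip"), as an added example that is not part of the thread: a simplified Python checker for IOS-style extended ACL entries, run over the two entries from the question. The function names are hypothetical, and the checker assumes numeric ports and host / any / address-plus-wildcard operands and does not check trailing options such as log.

```python
import ipaddress

PORT_OPS = {"eq": 1, "neq": 1, "gt": 1, "lt": 1, "range": 2}  # operator -> port arguments
PORT_PROTOCOLS = {"tcp", "udp"}  # protocols that carry layer-4 port numbers

def _take_address(tokens, i):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D wildcard'; return the next index."""
    if i >= len(tokens):
        raise ValueError("address expected")
    if tokens[i] == "any":
        return i + 1
    if tokens[i] == "host":
        ipaddress.IPv4Address(tokens[i + 1])
        return i + 2
    ipaddress.IPv4Address(tokens[i])      # network address
    ipaddress.IPv4Address(tokens[i + 1])  # wildcard mask
    return i + 2

def _take_ports(tokens, i, proto, side, problems):
    """Consume an optional port operator, recording any problem with it."""
    if i >= len(tokens) or tokens[i] not in PORT_OPS:
        return i
    op, need = tokens[i], PORT_OPS[tokens[i]]
    if proto not in PORT_PROTOCOLS:
        problems.append(f"{side}: port operator '{op}' is not valid with protocol '{proto}'")
    args = tokens[i + 1 : i + 1 + need]
    if len(args) == need and all(a.isdigit() and int(a) <= 65535 for a in args):
        return i + 1 + need
    problems.append(f"{side}: '{op}' is missing its port number")
    return i + 1

def check_ace(line):
    """Return the problems found in one extended ACL entry (empty list = none found)."""
    tokens = line.lower().split()
    if len(tokens) < 2 or tokens[0] not in ("permit", "deny"):
        return ["entry must start with permit or deny followed by a protocol"]
    proto, i, problems = tokens[1], 2, []
    try:
        for side in ("source", "destination"):
            i = _take_address(tokens, i)
            i = _take_ports(tokens, i, proto, side, problems)
    except (ValueError, IndexError):
        problems.append(f"could not parse an address near token {i + 1}")
    return problems

if __name__ == "__main__":
    # The two entries quoted in the question above.
    for ace in ("Permit tcp host 10.10.10.254 eq 80 host 10.10.0.2 eq 5000",
                "Permit IP host 10.10.10.254 eq host 10.10.0.2 eq 5000"):
        print(ace, "->", check_ace(ace) or "no problems found")
```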