Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ip extended ACL

When looking at one of our ACLs I sometimes see the port number after the source instead of the destination. Such as:

permit udp any eq 1434 any

What is the difference between putting the port after the source and after the destination?

2 REPLIES

Re: ip extended ACL

What you are matching there is

Any source IP on udp port 1434 only

to

Any destination IP on any udp port number

So you can see with extended ACL's you can get really granular.

Hall of Fame Super Silver

Re: ip extended ACL

Dave

The difference is whether the access list will check the source port of the packet (if you specify the port after the source address and mask) or check the destination port (if you specify the port after the destination address and mask).

HTH

Rick

129
Views
0
Helpful
2
Replies
CreatePlease to create content