Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access list help!

Hi

Could someone please explain the following. I just need to double check my explanation of the following:

access-list acl_dmz3 permit icmp any any

access-list acl_dmz3 permit udp any any eq domain

access-list acl_dmz3 permit udp any any eq ntp

access-list acl_dmz3 permit tcp any any

Thanks

Dan

4 REPLIES

Re: Access list help!

Hi DAN,

This ACL will permit all icmp traffic,permit all tcp traffic and permit UDP traffic only for NTP and DNS from any source to any destination and will implicit deny rest of the traffic.

HTH, if yes please rate the post.

Ankur

New Member

Re: Access list help!

Hi

Thanks for the info. It was what I thought.

Since this is a dmz shouldn't I drop the tcp access and only allow certain ports to be open to the internet?

Otherwise I'm happy with your answer to my initial question

Thanks

Dan

New Member

Re: Access list help!

Hi

Does source mean from external or can source mean from internal host in dmz zone?

Thanks

Dan

Bronze

Re: Access list help!

Depends on where the acl is applied and the direction it is applied in.

109
Views
0
Helpful
4
Replies