02-27-2006 07:28 AM - edited 03-03-2019 02:01 AM
02-27-2006 02:08 PM
hi all, just a quickie, with access lists such as extended, do we use the tcp line in the statement when adding ports to the statement, otherwise we just use ip in the statement to include a normal network address, am I correct !!
02-27-2006 05:42 PM
Hello,
To make an ACL more granular, specifying specific ports to be checked, use the tcp or udp keyword.
e.g
access-list 101 deny tcp any host 192.168.1.1 eq 23
access-list 101 permt ip any host 192.168.1.1
** Deny only Telnet traffic to 192.168.1.1 from any
** Permit all other IP traffic to 192.168.1.1 from any
Hope this helps.
Regards,
James
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide