Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Range of ports to specify in an extended accees-list

Is there a way to specify a range of ports at the the end of an extended access-list on a router. I mean something like 'accees-list 101 permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 eq 6000-6016'.

thank you

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Range of ports to specify in an extended accees-list

You can do something like..

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255

Just play with the "lt" and "gt" parameters.

4 REPLIES
Community Member

Re: Range of ports to specify in an extended accees-list

You can do something like..

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255

Just play with the "lt" and "gt" parameters.

Community Member

Re: Range of ports to specify in an extended accees-list

Thank you very much - that works.

Community Member

Re: Range of ports to specify in an extended accees-list

Any time.. :)

Community Member

Re: Range of ports to specify in an extended accees-list

Why not just use the range command?

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 range 6000 6016

s.

94
Views
0
Helpful
4
Replies
CreatePlease to create content