10-09-2003 02:58 PM - edited 03-09-2019 05:06 AM
Is there a way to specify a range of ports at the the end of an extended access-list on a router. I mean something like 'accees-list 101 permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 eq 6000-6016'.
thank you
Solved! Go to Solution.
10-09-2003 06:04 PM
You can do something like..
ip access-list extended myACL
permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999
permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017
deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255
Just play with the "lt" and "gt" parameters.
10-09-2003 06:04 PM
You can do something like..
ip access-list extended myACL
permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999
permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017
deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255
Just play with the "lt" and "gt" parameters.
10-10-2003 02:27 PM
Thank you very much - that works.
10-10-2003 02:38 PM
Any time.. :)
10-12-2003 05:37 PM
Why not just use the range command?
ip access-list extended myACL
permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 range 6000 6016
s.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide