Solved: Range of ports to specify in an extended accees-list - Cisco Community

431

Views

0

Helpful

4

Replies

Is there a way to specify a range of ports at the the end of an extended access-list on a router. I mean something like 'accees-list 101 permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 eq 6000-6016'.

thank you

1 Accepted Solution

Accepted Solutions

You can do something like..

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255

Just play with the "lt" and "gt" parameters.

View solution in original post

4 Replies 4

You can do something like..

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 gt 5999

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 lt 6017

deny tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255

Just play with the "lt" and "gt" parameters.

Thank you very much - that works.

Any time.. :)

Why not just use the range command?

ip access-list extended myACL

permit tcp 10.10.10.0 0.0.0.255 20.0.0.0 0.0.0.255 range 6000 6016

s.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community