Maybe a bit of an ignorant question, but I always used to think that

access-list 170 permit tcp any any eq telnet

would cover telnet both ways, i.e. it does not matter which range is any, so it can come from *inside* your network or *outside* your network, still going to the same destination telnet port. But it seems for return traffic we also need to define

access-list 170 permit tcp any eq telnet any

Why? The source port is dynamic, right? Why would that need to be specified? It would not be 23, so what's the point?

Can anyone enlighten me?

Kind regards,
Alef
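An added example, not part of the original post: a minimal matcher for the two entries quoted above (both written in `eq telnet` form), run against the two directions of one Telnet session. In the reply direction the server's port 23 is the source port and the client's dynamic port is the destination. The addresses, the client port 49152 and all function names are constructed for illustration, and the ACL is assumed to see both directions.

```python
# Added illustration: evaluates the post's two ACL entries against both
# directions of one Telnet session. Packet values below are constructed.
PORTS = {"telnet": 23}

ACE_TO_SERVER = "access-list 170 permit tcp any any eq telnet"
ACE_FROM_SERVER = "access-list 170 permit tcp any eq telnet any"

def _take_port(tokens):
    """Consume an optional 'eq <port>' clause; return (port or None, rest)."""
    if tokens[:1] == ["eq"]:
        name = tokens[1]
        port = PORTS[name] if name in PORTS else int(name)
        return port, tokens[2:]
    return None, tokens

def parse_ace(line):
    """Parse only 'access-list N permit tcp any [eq P] any [eq P]'."""
    tok = line.split()
    if tok[:1] != ["access-list"] or tok[2:5] != ["permit", "tcp", "any"]:
        raise ValueError("unsupported entry: " + line)
    src_port, rest = _take_port(tok[5:])
    if rest[:1] != ["any"]:
        raise ValueError("expected destination 'any': " + line)
    dst_port, rest = _take_port(rest[1:])
    if rest:
        raise ValueError("trailing tokens: " + line)
    return {"sport": src_port, "dport": dst_port}

def ace_matches(ace, pkt):
    """A port of None means the entry does not test that field."""
    return all(ace[f] is None or ace[f] == pkt[f] for f in ("sport", "dport"))

def evaluate(acl_lines, pkt):
    """First match wins; an extended ACL ends with an implicit deny."""
    for line in acl_lines:
        if ace_matches(parse_ace(line), pkt):
            return "permit"
    return "deny"

# Constructed session: client 10.0.0.5 opens Telnet to server 192.0.2.10.
CLIENT_TO_SERVER = {"src": "10.0.0.5", "sport": 49152,
                    "dst": "192.0.2.10", "dport": 23}
SERVER_TO_CLIENT = {"src": "192.0.2.10", "sport": 23,
                    "dst": "10.0.0.5", "dport": 49152}

if __name__ == "__main__":
    for name, pkt in (("request", CLIENT_TO_SERVER), ("reply", SERVER_TO_CLIENT)):
        print(name, evaluate([ACE_TO_SERVER], pkt),
              evaluate([ACE_TO_SERVER, ACE_FROM_SERVER], pkt))
```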
