Typo... On Sat, Jul 10, 2010 at 11:26 AM, Kingsley Charles < [email protected]> wrote:
> With "permit/deny <L4 protocol> <ip range > <ip range> fragments", if there > is a packet that is a non-initial packet which doesn't have the l4 > information then > what will the router? > > Permit "permit/deny <L4 protocol> <ip range > <ip range> fragments" ---> > Allows the packets checking, if the l3 info matches > deny <L4 protocol> <ip range > <ip range> fragments -> Even, if the l3 info > matches, the *packets* is checked for the next ACL statement and not > denied. > > > > > With regards > Kings > > On Fri, Jul 9, 2010 at 9:19 AM, Yogesh Gawankar <[email protected]>wrote: > >> Hi All >> >> IS there any difference in the following 2 ACEs >> >> permit/deny <L4 protocol> <ip range > <ip range> fragments >> and permit/deny ip <ip range> <ip range> fragments, >> >> Arent they both going to act the same on any non-intial fragmented >> packets? >> >> ALso if we specify some port information in the L4 ACE does it allow us to >> still specify the fragments keyword? >> >> Thanks and regards >> >> Yogesh >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
