Thanks
From: [email protected] [mailto:[email protected]] On Behalf Of Tyson Scott Sent: 28 December 2010 03:20 PM To: 'Vybhav Ramachandran'; 'wale ogunyemi' Cc: 'OSL Security' Subject: Re: [OSL | CCIE_Security] Lab 11 Task 1.7 The reason I prefer using the access-list over the port command is an access-list will increase the hit counter letting me know whether my policy is working or not. That doesn't happen with the match port command. But the results of the two commands below are very similar. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Vybhav Ramachandran Sent: Monday, December 27, 2010 10:37 PM To: wale ogunyemi Cc: OSL Security Subject: Re: [OSL | CCIE_Security] Lab 11 Task 1.7 Hello Wale, The "match port" command, matches the destination port of the packet. This doesn't give you as many options as the match access-list (where you can match , SrcIP, SrcPort,DestIP,DestPort ). Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
