Access lists are only parsed until a match is made. The first line will
match ftp, as well as all other tcp/ip traffic. You need to reverse the
order of your lines:
Access-list 101 deny tcp any any eq ftp
Access-list 101 permit ip any any
brian
On Mon, 13 Nov 2000, Sisqo wrote:
> Access-list 101 permit ip any any
> Access-list 101 deny tcp any any eq ftp
>
> Why did the above list FAIL to prevent FTP?
>
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
-----------------------------------------------
Brian Feeny, CCNP, CCDP [EMAIL PROTECTED]
Network Administrator
ShreveNet Inc. (ASN 11881)
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
