I have the following access list and am trying to make since of it. Here is what I have sofar with what I think the line does.
1. access-list 101 deny icmp any any redirect stop all redirects 2. access-list 101 deny icmp any any echo stop ping 3. access-list 101 deny ip 127.0.0.0 0.255.255.255 any stop localhost from going anywhere 4. access-list 101 deny ip 224.0.0.0 31.255.255.255 any stop private address from going anywhere 5. access-list 101 deny ip xxx.xxx.40.0 0.0.0.255 any stop xxx.xxx.40.0/24 from getting to anything 6. access-list 101 permit tcp any any eq telnet permit telnet from anywhere 7. access-list 101 permit tcp any any established permit anything from established connection 8. access-list 101 permit tcp any host xxx.xxx.43.133 eq smtp permit anyone to xxx.xxx.43.113 port 25 9. access-list 101 permit tcp any host xxx.xxx.43.133 eq pop3 permit anyone to xxx.xxx.43.113 port 110 10. access-list 101 permit tcp any host xxx.xxx.43.133 eq ftp permit anyone to xxx.xxx.43.113 port 21 11. access-list 101 permit ip host XXX.152.0.8 any permit external dns servers to go anywhere 12. access-list 101 permit ip host XXX.152.16.8 any permit external dns servers to go anywhere 13. access-list 101 permit tcp any host xxx.xxx.43.134 eq www permit anyone to xxx.xxx.43.134 port 80 14. access-list 101 permit tcp any host xxx.xxx.43.134 eq 443 permit anyone to xxx.xxx.43.134 port 443 15. access-list 101 permit icmp any any permit ping from anywhere to anywhere this is applied to a serial interface in. we have external DNS and internal SMTP and POP3 and WWW the lines that are confusing me are 1, 2, and 15 it looks to me that at first it is denying redirects and ping but then on line 15 it permits everything. is this correct? Also, if you notice anything else that i don't have right could you please mention it as well. thanks, Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36131&t=36131 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
