On Thu, Apr 21, 2011 at 3:13 PM, u...@3.am wrote:
Ok, I've done a lot of Cisco standard and extended ACLs, but I do not
understand why the following does not work the way I think it should.
Near the end of this extended named ACL, I have the following:
permit tcp any eq 443 any
Don't you
On Thu, 21 Apr 2011, u...@3.am wrote:
permit tcp any eq 443 any
permit tcp any eq 80 any
deny ip any host 2.2.3.4
permit ip any any
This is applied to an inbound interface(s). We want anybody outside to be
able to reach ports 80 and 443 of any host on our network, no matter what,
then block
If this is applied inbound from the Internet, then the first two permits are
permitting reply traffic from the far-end Web server's ports 80 or 443 back
toward your surfing workstations or servers. You should think of those as
permit
- just TCP
-- where the SOURCE is any IP address, but source
Thanks everyone, of course this is what I wanted. Like I said, a stupid
ACL question...I'm blaming heavy medication, sorry for the noise!
On Thu, 21 Apr 2011, u...@3.am wrote:
permit tcp any eq 443 any
permit tcp any eq 80 any
deny ip any host 2.2.3.4
permit ip any any
This is applied
On Thu, Apr 21, 2011 at 3:13 PM, u...@3.am wrote:
Ok, I've done a lot of Cisco standard and extended ACLs, but I do not
understand why the following does not work the way I think it should.
Near the end of this extended named ACL, I have the following:
permit tcp any eq 443 any
permit tcp
5 matches
Mail list logo
