Why the diff between these two ACLs?

Sa'adSa'ad Member Posts: 150 ■■■□□□□□□□
1) ip access-list extended HTTP
permit tcp 155.1.146.0 0.0.0.255 eq www any

2) ip access-list extended HTTP
permit tcp 155.1.146.0 0.0.0.255 any eq www


I have applied this ACL to a qos policing policy. I'm getting hits with the first one but not with the second one. Not sure what I'm missing here but they look the same to me besides the order of entry.

Any thoughts?
INE v4 volume 1

Comments

  • fredrikjjfredrikjj Member Posts: 879
    The first one says "permit from 155.1.146.0/24 port 80 to any destination with any port"
    The second one says "permit from 155.1.146.0/24 with any port to any destination with port 80."
  • Sa'adSa'ad Member Posts: 150 ■■■□□□□□□□
    Obiviously I need refreshing on my ACL skills. I haven't done serious ACL work since my CCNA days. The way you explain it makes perfect sense.

    Thanks a lot fredrikjj!
    INE v4 volume 1
Sign In or Register to comment.