Extended ACL question 3
satishtech
Member Posts: 243
in CCNA & CCENT
ACL 1. access-list 115 permit tcp 192.168.1.0 0.0.0.15 host 192.168.2.2
ACL 2. access-list 116 permit ip 192.168.1.0 0.0.0.15 host 192.168.2.2
I was trying a simple configuration. The second one worked, the first one
with tcp did not work. Is tcp used only when I use port numbers?
Comments
-
_Gonzalo_ Member Posts: 113
You use:
permit tcp for TCP traffic
permit udp for UDP traffic
permit ip for TCP and UDP both
-
satishtech Member Posts: 243
tcp traffic = ip + port number?
So if I wanted the first ACL to work I would have to use
> access-list 115 permit tcp 192.168.1.0 0.0.0.15 host 192.168.2.2 eq 80 ---for example
I just cannot use the tcp keyword without a port number..
-
james43026 Member Posts: 303
You cannot implement an ACL that filters TCP or UDP without a port number; there would be absolutely no point to this.
-
satishtech Member Posts: 243
Thank you, James.
Quickman, I was using wildcard masking to allow selective access to a server; IP was enough.
With TCP I am now filtering selective access by port, like port 80 etc.,
as below:
access-list 111 permit tcp 192.168.1.16 0.0.0.15 host 192.168.2.2 eq www
Thank you, everyone.
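
Added example, not part of any post in this thread: a small Python model of how an extended ACL entry is matched (protocol keyword, wildcard mask, optional destination `eq` port, first match wins, implicit deny at the end), usable with the entries quoted above. The function names and the sample packets are constructed for illustration, and only the `access-list N permit|deny proto src dst [eq port]` form is parsed; source-port operators, ranges and `established` are not modelled.

```python
import ipaddress

PROTO = {"ip": None, "tcp": 6, "udp": 17, "icmp": 1}  # "ip" matches any IP protocol
PORTS = {"www": 80}                                    # named port used in the thread

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return _ip(tokens.pop(0)), 0
    return _ip(first), _ip(tokens.pop(0))

def parse(line):
    """Parse 'access-list N permit|deny PROTO SRC DST [eq PORT]'."""
    tokens = line.split()
    if tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError("unsupported entry: " + line)
    entry = {"action": tokens[2], "proto": PROTO[tokens[3]], "dport": None}
    rest = tokens[4:]
    entry["src"], entry["dst"] = _addr(rest), _addr(rest)
    if rest[:1] == ["eq"]:
        entry["dport"] = PORTS[rest[1]] if rest[1] in PORTS else int(rest[1])
    return entry

def _hit(ip, spec):
    # Wildcard bits set to 1 are "don't care"; all other bits must equal the base.
    care = ~spec[1] & 0xFFFFFFFF
    return (_ip(ip) & care) == (spec[0] & care)

def evaluate(acl_lines, proto, src, dst, dport=None):
    """Return the action of the first matching entry, else the implicit deny."""
    for entry in map(parse, acl_lines):
        if entry["proto"] not in (None, PROTO[proto]):
            continue
        if not (_hit(src, entry["src"]) and _hit(dst, entry["dst"])):
            continue
        if entry["dport"] in (None, dport):
            return entry["action"]
    return "deny"

if __name__ == "__main__":
    acl111 = ["access-list 111 permit tcp 192.168.1.16 0.0.0.15 host 192.168.2.2 eq www"]
    for port in (80, 23):  # constructed sample packets from 192.168.1.20
        print(port, evaluate(acl111, "tcp", "192.168.1.20", "192.168.2.2", port))
```

With wildcard 0.0.0.15, base 192.168.1.0 covers hosts .0 to .15 and base 192.168.1.16 covers .16 to .31, so the entries in the thread select different source ranges.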