ACL

Say you had an access-list with just these 3 lines:

access-list 101 permit ip 192.168.20.0 0.0.0.255 any
access-list 101 deny tcp 192.168.20.0 0.0.0.255 any eq 80
access-list 101 permit ip any any

Would tcp traffic such as http from 192.168.20.0 be allowed thru the router? I thought tcp traffic such as http would not match to the first statement and then be caught by the second, thus getting denied.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

Netstudent

If you permit everything first, it doesn't matter what application it is, it's going through. You want to put your more specific rules first.

Mikdilly

Netstudent wrote:

If you permit everything first, it doesn't matter what application it is, it's going through. You want to put your more specific rules first.

Thanks for clearing that up.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of