CCNP

Sushit · September 2005

Users on the network no longer have connectivity to the e-mail server. Upon investigation,
you notice that the access list commands have been changed. What are the commands to
remedy the situation?
Router(config-fi)#access list 110 permit 10.10.10.10 255.255.255.255 eq smtp

johnnynodough · September 2005

??? Im not sure were that came from. But the syntax is incorrect , need to specify TCP, also having a 255.255.255.255 wildcard mask so it would be easier to drop the net and subnet and just state any.

keenon · September 2005

Sushit wrote:

Users on the network no longer have connectivity to the e-mail server. Upon investigation,
you notice that the access list commands have been changed. What are the commands to
remedy the situation?
Router(config-fi)#access list 110 permit 10.10.10.10 255.255.255.255 eq smtp

access list 110 permit (ip,TCP,udp) XXXX xxxx eq (port number or name)

to be more specific if you only want 1 address to pass this make the subnet mask all zeros so that the checking will have to match exactly

Yankee · September 2005

I think the router will change an all zeroes mask to the host keyword if I remember correctly. Won't swear to it because I write them with the host keyword, so I can't be positive me memory is accurate if you use all zeroes.

Yankee

darkuser · September 2005

shouldn't it be ?

access list 110 permit tcp any 10.10.10.10 255.255.255.255 eq smtp

also it depends whether this line IS the whole access list
or just a single line from a larger access-list.
the whole acl may have to be re-pasted or re-applied to an interface.

or
access list 110 permit tcp any host 10.10.10.10 eq smtp

assuming 10.10.10.10 is the host processing smtp packets.

CCNP

Comments