RE: Access-list question

From: adiment@xxxxxxxxxx
Date: Mon May 07 2001 - 18:46:29 GMT-3

• Next message: Mohamed Heeba: "Fatkid 505 ,dail backup question"
• Previous message: Rob Webber: "RE: Troubleshooting"
• Maybe in reply to: Johnny Dedon: "Access-list question"
• Next in thread: Rob Hopkins: "Re: Access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
This would be a good one to use a reflexive access list.

-----Original Message-----
From: Johnny Dedon [mailto:johnny.dedon@exodus.net]
Sent: Monday, May 07, 2001 4:24 PM
To: Groupstudy
Subject: Access-list question

If I am asked to only permit ftp sessions if established from a local subnet
and I must use an inbound access-list on that local interface, what woud it
look like?

something like this?
access-list 102 permit tcp host 10.10.10.1 gt 1023 199.200.1.0 0.0.0.255 eq
ftp established

Remember the question is inbound on the local interface not inbound on the
internet side.

Johnny Dedon
Senior Staff Consultant
Exodus Professional Services
johnny.dedon@exodus.net
www.exodus.net
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: Mohamed Heeba: "Fatkid 505 ,dail backup question"
• Previous message: Rob Webber: "RE: Troubleshooting"
• Maybe in reply to: Johnny Dedon: "Access-list question"
• Next in thread: Rob Hopkins: "Re: Access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:35 GMT-3