From: Sam Munzani (sam@xxxxxxxxxxx)
Date: Fri Jun 15 2001 - 12:05:31 GMT-3
Correct if I am wrong,
> access-list 100 permit tcp host 100.1.1.1 eq ftp 10.1.1.1 0.0.0.255
established
This will allow return traffic back for your initial session establishment.
> access-list 100 permit tcp host 100.1.1.1 eq ftp-data 10.1.1.1 0.0.0.255
established
This is not an established session, remote end creates a new session so if
you make is as below, it should work.
access-list 100 permit tcp host 100.1.1.1 eq ftp-data 10.1.1.1 0.0.0.255
Regards,
Sam Munzani
CCIE # 6479, CCNP, CCDP, CCSE, MCSE, CNE(5, 4, 3), SCO Master ACE, HP
Openview Consultant
Certified AIX Administrator, Certified Warp Server Engineer
> Hello guy!
>
> Could you explain why the ftp is not work well?
>
> int se 0
> ip addr 100.1.1.254 255.255.255.0
> ip access-group 100 in
> int e 0
> ip addr 10.1.1.254 255.255.255.0
>
> access-list 100 deny ip any any
>
> ==================================================
> ?l8. @NEM3], Daum
> Fr;} >24B 9+7a E-mail AV<R GQ8^@O3]
> Av18CL GQ1[ 0K;v<-:q=: Daum FIREBALL
> http://www.daum.net
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:24 GMT-3