From: Jason Cash (cash2001@swbell.net)
Date: Tue Jun 17 2003 - 00:08:28 GMT-3
A certain instructs:
Config R2 such that all telnet traffic sourced from the lo0 of R1 and
destined for the 172.29.80.0 subnet, will go thru R5.
R1 - Lo0 192.168.1.1/32
R2 - S0 172.29.100.2
R5 - S0 172.29.100.5
R1(e1)-----(e0)R2(s0)-----(s0)R5
My question is, is the following incorrect and does it accomplish the same
thing as the solution:
interface Ethernet0
description to R1 E0 (crossover)
ip address 172.29.12.2 255.255.255.192
ip policy route-map local23
!
route-map local23 permit 10
match ip address 100
set ip next-hop 172.29.100.5
!
access-list 100 permit tcp host 192.168.1.1 eq telnet 172.29.80.0 0.0.0.31
The solution provided was:
access-list 100 permit tcp host 192.168.1.1 172.29.80.0 0.0.0.31 eq telnet
I guess I want to know the difference between the two. Would My solution
provide the same result. I interpret mine to mean:
allow traffic from host 192.168.1.1 (tcp src. port 23) to goto subnet
172.29.80.0/27
I interpret the solution as:
allow traffic from host 192.168.1.1 to goto subnet 172.29.80.0/27 (tcp dest.
port 23)
What ais the difference? Does telnet not originate from port 23 on
occasion? Is this where the problem would come into play. I get confused
on src/dest. ports so any links to clear the confusion would be appreciated.
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:59 GMT-3