From: navaid@rogers.com
Date: Tue Sep 09 2003 - 18:25:07 GMT-3
I think following is correct. Since receiving host are on r2 segment we will use it as destination address and will match tftp port.
access-list 100 permit udp any 192.168.5.0 0.0.0.255 eq tftp
Navaid
>
> From: Arifur Rahman <arahman@cisco.com>
> Date: 2003/09/09 Tue PM 05:00:34 EDT
> To: <ccielab@groupstudy.com>
> Subject: access-list question
>
> <resending, there was a typo>
> Hi
> I have an access-list question that might be trivial but I am confused. My
> topology is like below
>
> ---r1# (e1/0)--------r2#----(192.168.5.0/24 subnet)--
>
> and statement is "permit tftp traffic to be received by hosts on r2's
> ethernet segment only"
>
> Which one is correct and why
>
> r1#
> int e1/0
> ip access-group 100 in
> access-list 100 permit udp 192.168.5.0 0.0.0.255 any eq tftp
> access-list 100 deny udp any any eq tftp
>
> or
>
> r1#
> int e1/0
> ip access-group 100 in
> access-list 100 permit udp any 192.168.5.0 0.0.0.255 eq tftp
> access-list 100 deny udp any any eq tftp
>
> or neither is correct :)
>
> Appreciate your time. thanks - Arif
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
1
This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:25 GMT-3