From: Swaroop Potdar (swarooppotdar@hotmail.com)
Date: Wed Aug 18 2004 - 09:05:05 GMT-3
Hi ,
Does the return HTTP traffic again come to the port 80 ???
just in case you have a web server serving requests on you internal
network..then you would deny in coming http requests if asked for.
the second solution access list could be used for both the purposes...by
adding the keyword "in or out" at the end.
correct me if wrong.
HTH
Swaroop.
>From: <samccie2004@yahoo.co.uk>
>Reply-To: <samccie2004@yahoo.co.uk>
>To: "studygroup" <ccielab@groupstudy.com>
>Subject: Basic ACL question
>Date: Wed, 18 Aug 2004 10:16:56 +0200
>
>Hi Group
>
>When asked to deny WWW traffic
>
>Would it be correct to have solution 1, to ensure both http requests and
>replies are blocked.
>Or solution 2, assuming that if no requests are made in first place, no
>replies will follow, therefore no need to block them.
>
>
>Solution 1
>access-list 102 deny tcp any any eq www
>access-list 102 deny tcp any eq www any
>
>Solution 2
>access-list 102 deny tcp any any eq www
>
>TIA
>
>Sam
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:45 GMT-3