access-list question

From: Paul Peters (ppeters@cox.net)
Date: Tue Sep 28 2004 - 02:22:12 GMT-3

• Next message: Jonathan R. Charles: "RE: EIGRP METRIC"
• Previous message: Ozgur Ocal: "RE: EIGRP METRIC"
• Next in thread: marc van hoof: "RE: access-list question"
• Maybe reply: marc van hoof: "RE: access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Greetings all

I have been working out of a Hello Computers lab book and have a config
question, probably an obvious one for some of you but not for myself

with the following config, why is it necessary to have the lines that are
marked below

the first statement in access-list 101 makes sense to me, but I'm unclear on
why you need the second one

R6#show run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug datetime
service timestamps log datetime
service password-encryption
!
hostname R6
!
!
ip subnet-zero
no ip domain-lookup
!
interface Serial1
 bandwidth 64
 ip address 150.50.67.2 255.255.255.0
 no ip directed-broadcast
 traffic-shape group 113 22400 7952 7952 1000
 traffic-shape group 112 32000 8000 8000 1000
 traffic-shape group 111 9600 7968 7968 1000
!
interface BRI0
 no ip address
 no ip directed-broadcast
 shutdown
!
router eigrp 100
 network 150.50.0.0
 no eigrp log-neighbor-warnings
!
ip classless
!
logging facility local6
logging source-interface Loopback0
access-list 101 permit tcp any any eq telnet
access-list 101 permit tcp any eq telnet any <-------- why is this one
necessary
access-list 102 permit tcp any any eq ftp
access-list 102 permit tcp any any eq ftp-data
access-list 102 permit tcp any eq ftp any <- this one also
access-list 102 permit tcp any eq ftp-data any
access-list 103 permit icmp any any
access-list 111 permit tcp any any eq telnet
access-list 111 permit tcp any eq telnet any
access-list 111 permit icmp any any
access-list 112 permit tcp any any eq ftp
access-list 112 permit tcp any any eq ftp-data
access-list 112 permit tcp any eq ftp any
access-list 112 permit tcp any eq ftp-data any
access-list 113 permit ip any any
queue-list 1 protocol ip 1 list 101
queue-list 1 protocol ip 2 list 102
queue-list 1 protocol ip 3 list 103
queue-list 1 default 4
queue-list 1 queue 2 byte-count 5000
queue-list 1 queue 3 byte-count 1000
queue-list 1 queue 4 byte-count 4000
queue-list 1 lowest-custom 2
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
!
end

R6#
bash-2.03$

• Next message: Jonathan R. Charles: "RE: EIGRP METRIC"
• Previous message: Ozgur Ocal: "RE: EIGRP METRIC"
• Next in thread: marc van hoof: "RE: access-list question"
• Maybe reply: marc van hoof: "RE: access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:50 GMT-3