From: Dillon Yang (gzdillon@hotmail.com)
Date: Mon Mar 28 2005 - 21:32:36 GMT-3
Hi, Ed:
Yes, what you set is what I want to ask!
Need it to set 2-way access-list for the www traffic?
or it just ok to set 1-way access-list for www?
TIA
dillon
----- Original Message -----
From: "Ed Lui" <edwlui@gmail.com>
To: "Dillon Yang" <gzdillon@hotmail.com>
Sent: Tuesday, March 29, 2005 1:43 AM
Subject: Re: access-list EQ
> Dillon,
>
> If you want to allow intranet access the internet www. I think it should be :
>
> interface <outside>
> ip acce 102 out
> ip acce 101 in
> access-list 102 permit tcp any <intranet> eq www
> access-list 101 permit tcp any eq www <intranet> established
>
>
> What do you think ?
>
> Edward
>
> On Sat, 26 Mar 2005 23:50:50 +0800, Dillon Yang <gzdillon@hotmail.com> wrote:
> > Hi, group:
> > For a task that only allow the intranet access the internet www, which is the preferred:
> > 1.
> > interface <outside>
> > ip acce 102 in
> > access-list 102 permit tcp any eq www <intranet>
> > access-list 102 permit tcp <intranet> any eq www
> >
> > 2. ( doccd example)
> > interface <outside>
> > ip acce 102 in
> > access-list 102 permit tcp <intranet> any eq www
> >
> > TIA
> > dillon
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:53 GMT-3