From: Jelle Borsje (borsjej@yahoo.dk)
Date: Fri Apr 08 2005 - 10:12:29 GMT-3
Hej,
The 'both ways' seems to indicate that you need to
allow return traffic as well:
access-list 103 permit icmp any any echo
access-list 103 permit icmp any any echo-reply
access-list 103 permit udp any any eq tftp
access-list 103 permit tcp any any eq smtp
access-list 103 permit tcp any any eq www
I would add:
access-list 103 permit udp any eq tftp any
access-list 103 permit tcp any eq smtp any
access-list 103 permit tcp any eq www any
That would allow traffic from a server back to a
client. Does that make sense?
Greetz
Jelle
--- "T. N. Noble" <noble@inserviceindia.com> wrote:
> Hi,
>
> How do you interpret the following question?
>
> Configure an inbound access list 103 on R3's
> loopback 0 that satisfies the
> below mentioned criteria.
>
> 1. TFTP, SMTP, and WWW traffic are permitted both
> ways.
> 2. ICMP ping traffic is permitted from everywhere.
> 3. All other traffic is implicitly denied.
>
>
> My answer is....It seems that something is wrong
> with it. What is the
> question trying to explore by telling "both ways"
> and "everywhere"
>
>
> access-list 103 permit icmp any any echo
> access-list 103 permit icmp any any echo-reply
> access-list 103 permit udp any any eq tftp
> access-list 103 permit tcp any any eq smtp
> access-list 103 permit tcp any any eq www
>
>
> Any suggestion will be appreciated.
>
> Thanks,
>
> Noble
>
>
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:55 GMT-3