Re: FTP connection type

From: Navin MS (navin_ms07@yahoo.com)
Date: Thu Jun 22 2006 - 16:04:21 ART


Group,

Is it possible that we can use a reflexive ACL for this?

IMP, the inbound and outbound traffic is just the mirror of each other.
So just "reflect" in the outbound ACL and do an "evaluate" in the inbound?

Does that simplify this task?

Thanks,
Naveen.

--- Chris Lewis <chrlewiscsco@gmail.com> wrote:

> Ignore my comment on this, I need to clean my glasses so I can read the
> diagram properly.
>
> Chris
>
>
> On 6/22/06, Popgeorgiev Nikolay <nikolay.popgeorgiev@siemens.com> wrote:
> >
> > Chris,
> >
> > Sorry, but can you explain to me how exactly port 20 is used in the PASSIVE
> > mode of FTP? Maybe I don't understand something?
> >
> >
> > According to the access lists matching both types of ftp it should be
> > something like this:
> >
> > Active
> >
> > Access-list 101 permit tcp host mypc host SRV eq 21
> > Access-list 101 permit tcp host mypc host SRV eq 20
> >
> > Access-list 102 permit tcp host SRV eq 21 host mypc
> > Access-list 102 permit tcp host SRV eq 20 host mypc
> >
> >
> > Passive
> >
> > Access-list 101 permit tcp host mypc host SRV eq 21
> > Access-list 101 permit tcp host mypc host SRV gt 1023
> >
> > Access-list 102 permit tcp host SRV eq 21 host mypc
> > Access-list 102 permit tcp host SRV gt 1023 host mypc
> >
> >
> >
> > Best,
> > Nick
> >
> >
> >
> >
> > -----Original Message-----
> > From: Chris Lewis [mailto:chrlewiscsco@gmail.com]
> > Sent: Thursday, June 22, 2006 4:00 AM
> > To: Plank, Jason
> > Cc: Ken; Cisco certification
> > Subject: Re: FTP connection type
> >
> > Well, both passive and active use ports 20 and 21.
> >
> >
> > http://www.cisco.com/web/about/ac123/ac147/ac174/ac199/about_cisco_ipj_archive_article09186a00800c85a7.html
> >
> >
> > Provides a full description.
> >
> > Chris
> >
> >
> > On 6/21/06, Plank, Jason <JPlank@concordefs.com> wrote:
> > >
> > > It means ACTIVE FTP, which uses TCP ports 20/21.
> > >
> > > -------------------
> > > J. Marshall Plank
> > > Network Engineer
> > > 101 Bellevue Parkway
> > > Wilmington, DE 19809
> > > E-mail: JPlank@concordefs.com
> > > Phone: 302-793-5913
> > >
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Ken
> > > Sent: Wednesday, June 21, 2006 6:11 PM
> > > To: Cisco certification
> > > Subject: FTP connection type
> > >
> > > Hello,
> > >
> > > When there is a statement, "suppose that this FTP server does not
> > > support PASV FTP connection", what kind of difference does it make
> > > in the ACL configuration?
> > >
> > > I am referring to the QoS question 8.3 in Lab 2 of IE work book.
> > >
> > > Thanks,
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > -----------------------------------------
> > > The information in this message may be proprietary and/or
> > > confidential, and protected from disclosure. If the reader of this
> > > message is not the intended recipient, or an employee or agent
> > > responsible for delivering this message to the intended recipient,
> > > you are hereby notified that any dissemination, distribution or
> > > copying of this communication is strictly prohibited. If you have
> > > received this communication in error, please notify First Data
> > > immediately by replying to this message and deleting it from your
> > > computer.
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
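
The reflect/evaluate idea raised at the top of this message, worked through as an added example (not part of any post in the thread, and not router code): a small Python model of a reflexive ACL applied to the active and passive FTP flows listed above. The addresses, port numbers and all class and function names are constructed for illustration. A reflected entry mirrors only the exact flow that left outbound, so the server-initiated data connection from port 20 in active FTP has nothing to match.

```python
# Added illustration: a minimal model of a reflexive ACL, not router code.
# Addresses and ports are constructed sample values.
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

MYPC, SRV = "10.0.0.10", "192.0.2.20"   # stand-ins for "mypc" and "SRV"

class ReflexiveAcl:
    def __init__(self, outbound_rules):
        self.outbound_rules = outbound_rules  # predicates carrying "reflect"
        self.reflected = set()                # temporary mirrored entries

    def outbound(self, p: Pkt) -> bool:
        if any(rule(p) for rule in self.outbound_rules):
            # "reflect": install the mirror image of this exact flow
            self.reflected.add(Pkt(p.dst, p.dport, p.src, p.sport))
            return True
        return False

    def inbound(self, p: Pkt) -> bool:
        # "evaluate": only packets matching a reflected entry pass
        return p in self.reflected

def to_srv(pred):
    # Outbound rule: mypc -> SRV with a condition on the destination port
    return lambda p: p.src == MYPC and p.dst == SRV and pred(p.dport)

def run(mode: str) -> dict:
    acl = ReflexiveAcl([to_srv(lambda d: d == 21), to_srv(lambda d: d > 1023)])
    result = {}
    result["control_out"] = acl.outbound(Pkt(MYPC, 40000, SRV, 21))
    result["control_reply"] = acl.inbound(Pkt(SRV, 21, MYPC, 40000))
    if mode == "active":
        # Server opens the data channel from port 20 to the client's announced port
        result["data"] = acl.inbound(Pkt(SRV, 20, MYPC, 40001))
    else:
        # Client opens the data channel to the port the server announced
        result["data"] = (acl.outbound(Pkt(MYPC, 40001, SRV, 50000))
                          and acl.inbound(Pkt(SRV, 50000, MYPC, 40001)))
    return result

if __name__ == "__main__":
    for mode in ("active", "passive"):
        print(mode, run(mode))
```

In this model the control channel passes in both modes, the passive data channel passes, and the active data channel is dropped unless a separate static inbound entry for SRV port 20 is added.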



This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:33 ART