Re: Classifying incoming vs outgoing HTTP traffic

From: Divin Mathew John <divinjohn_at_gmail.com>
Date: Fri, 3 Apr 2009 00:46:45 +0530

Yes, I think Salah is right.
Thanking You

Yours Sincerely

Divin Mathew John
divinjohn_at_gmail.com
divin_at_dide3d.com
+91 9945430983
+91 9846697191
+974 5008916
PGP PUBLIC KEY BLOCK @ http://www.dide3d.com/divin_Public_PGP_key.txt
Sent from Bangalore, KA, India

On Fri, Apr 3, 2009 at 12:23 AM, Salah ElShekeil
<salah.elshekeil_at_gmail.com> wrote:

> Traffic destined to a web server
>
> Source port = random
>
> Destination port = 80
>
> Traffic coming from a web server
>
> Source port = 80
>
> Destination port = random
>
> It will reply to the same client source port
>
>
>
> HTH
>
>
>
> Salah
>
>
> On Thu, Apr 2, 2009 at 9:38 PM, naveen M S <navin.ms_at_gmail.com> wrote:
>
>> Thanks Divin. This is my understanding.
>>
>> WebClient---------------------------------WebServer
>>
>> 1) For Traffic flowing from Client to Server:
>> Src TCP port = Any
>> Dest TCP port = 80
>>
>> 2) For traffic flowing from Server to Client:
>> Src TCP port = 80
>> Dest TCP port = 80
>>
>> Is this correct?
>>
>>
>> On Thu, Apr 2, 2009 at 11:19 AM, Divin Mathew John <divinjohn_at_gmail.com> wrote:
>>
>> > I think destination port would be more apt, because to connect to a
>> > normal HTTP web server you would use port 80 to connect to the web
>> > server and not necessarily port 80 on your computer.
>> > Thanking You
>> >
>> > Yours Sincerely
>> >
>> > Divin Mathew John
>> > divinjohn_at_gmail.com
>> > divin_at_dide3d.com
>> > +91 9945430983
>> > +91 9846697191
>> > +974 5008916
>> > PGP PUBLIC KEY BLOCK @ http://www.dide3d.com/divin_Public_PGP_key.txt
>> > Sent from Bangalore, KA, India
>> >
>> > On Thu, Apr 2, 2009 at 11:44 PM, naveen M S <navin.ms_at_gmail.com> wrote:
>> >
>> >> Group,
>> >>
>> >> I have trouble translating these statements to ACLs.
>> >>
>> >> 1) All HTTP traffic coming from Vlan 34.
>> >> 2) All HTTP traffic coming from R1 on Vlan 34.
>> >> 3) All HTTP traffic coming from Web Server on Vlan 34.
>> >> 4) All HTTP traffic going out to Vlan 34.
>> >> 5) All HTTP traffic going out to Web Server on Vlan 34.
>> >>
>> >> *Question is:*
>> >> Should I match both Source and Destination TCP port to 80 (or) just one
>> >> of them?
>> >> Assume Vlan 34 = 10.1.34.0/24, R1 = 10.1.34.1/24, WebServer =
>> >> 10.1.34.100/24
>> >>
>> >> My solutions for the above are:
>> >>
>> >> a) Match source tcp port = 80 for incoming HTTP traffic
>> >> b) Match destination tcp port = 80 for outgoing HTTP traffic.
>> >>
>> >> 1) ip access-list extended V34_in
>> >> permit tcp 10.1.34.0 0.0.0.255 eq www any
>> >>
>> >> 2) ip access-list extended V34_R1_in
>> >> permit tcp 10.1.34.1 0.0.0.0 eq www any
>> >>
>> >> 3) ip access-list extended V34_WS_in
>> >> permit tcp 10.1.34.100 0.0.0.0 eq www any
>> >>
>> >> 4) ip access-list extended V34_out
>> >> permit tcp any 10.1.34.0 0.0.0.255 eq www
>> >>
>> >> 5) ip access-list extended V34_WS_out
>> >> permit tcp any 10.1.34.100 0.0.0.0 eq www
>> >>
>> >> Can someone please highlight the Source & Destination TCP ports for
>> >> HTTP traffic in both directions?
>> >>
>> >> Thanks very much,
>> >> Naveen.
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>>

Received on Fri Apr 03 2009 - 00:46:45 ART
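
An added example, not part of the original thread: a small Python evaluator for `permit tcp` extended-ACL entries that shows which side of an HTTP flow each port placement matches. The packets are constructed samples using the thread's 10.1.34.0/24 addressing; the function names and the 192.0.2.10 and 198.51.100.7 hosts are assumptions, and only the `any`, address/wildcard and `eq` forms are handled.

```python
import ipaddress

PORT_NAMES = {"www": 80}  # IOS keyword for TCP port 80

def endpoint(tok):
    """Consume 'any' or '<addr> <wildcard>', plus an optional 'eq <port>'."""
    if tok[0] == "any":
        addr, wild, tok = 0, 0xFFFFFFFF, tok[1:]
    else:
        addr = int(ipaddress.IPv4Address(tok[0]))
        wild = int(ipaddress.IPv4Address(tok[1]))
        tok = tok[2:]
    port = None
    if tok and tok[0] == "eq":
        port = PORT_NAMES.get(tok[1]) or int(tok[1])
        tok = tok[2:]
    return (addr, wild, port), tok

def hit(ep, ip, port):
    """Wildcard bits set to 1 are 'don't care'; port None means any port."""
    addr, wild, want = ep
    ip = int(ipaddress.IPv4Address(ip))
    return (ip | wild) == (addr | wild) and want in (None, port)

def matches(ace, src_ip, sport, dst_ip, dport):
    """True if the packet matches a 'permit tcp <src> <dst>' entry."""
    tok = ace.split()
    if tok[:2] != ["permit", "tcp"]:
        raise ValueError("only 'permit tcp' entries are handled")
    src, tok = endpoint(tok[2:])
    dst, tok = endpoint(tok)
    return hit(src, src_ip, sport) and hit(dst, dst_ip, dport)

# Entry 1 from the thread (port on the source side) and, for comparison,
# the same addresses with the port on the destination side.
SRC_PORT_80 = "permit tcp 10.1.34.0 0.0.0.255 eq www any"
DST_PORT_80 = "permit tcp 10.1.34.0 0.0.0.255 any eq www"
TO_WEBSERVER = "permit tcp any 10.1.34.100 0.0.0.0 eq www"

# Constructed packets: (src_ip, src_port, dst_ip, dst_port)
CLIENT_REQUEST = ("10.1.34.50", 49152, "192.0.2.10", 80)     # VLAN 34 client -> outside server
SERVER_REPLY = ("10.1.34.100", 80, "198.51.100.7", 51000)    # VLAN 34 web server -> outside client
INBOUND_REQUEST = ("198.51.100.7", 51000, "10.1.34.100", 80)  # outside client -> VLAN 34 web server

if __name__ == "__main__":
    for name, ace in [("src eq www", SRC_PORT_80), ("dst eq www", DST_PORT_80),
                      ("to web server", TO_WEBSERVER)]:
        for label, pkt in [("client request", CLIENT_REQUEST),
                           ("server reply", SERVER_REPLY),
                           ("inbound request", INBOUND_REQUEST)]:
            print(f"{name:14} {label:16} {matches(ace, *pkt)}")
```
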

This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:11 ART