The part where we want to allow the FTP servers to work for clients not on subnet 10.1.1.0/24
The workbook Proctor Guide's solution is Permit tcp 10.1.1.0 0.0.0.255 any established Where wouldn't the below be better? permit tcp 10.1.1.0 0.0.0.255 eq ftp-data any permit tcp 10.1.1.0 0.0.0.255 eq ftp any Especially since the last requirement is "All other traffic should be denied at the earliest point" The proctor Guide solution would allow other traffic?? GL
