Lo Ching wrote: > > Hi, > > Thanks your help. > > The port number eg, 1500, is just example. Sorry for making any > confuse. > > By the way, if I omitted the first entry in this ACL > > access-list 102 permit tcp any any gt 1023 established > access-list 102 permit tcp any any eq telnet > > interface s0 > ip access-group 102 in > > Will the inbound traffic be blocked (implicit deny any at the > end) as I only allow telnet in this ACL?
You have to apply the ACL to the vty line to allow telnet into the router, so it won't have any affect on incoming traffic from HQ to the LAN. If that weren't the case, then yes, I see why you would want that line. I understand now why you had it in there. Good luck with it. Priscilla > > The first entry I want to ensure that the TCP connection > initiated from the LAN1 can be connected back. > > Thanks. > > rgds, > Lo Ching > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66621&t=66584 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
