Well,
In any circumstance, whatever device generates traffic to any target, this device will use a port number greater than 1023 as the "From port #", and the "destination port #" will be specific, like "80" or "53" etc.
When the target device receives this packet, it will swap the "from port #" to the "destination port #" and vice versa, so Example 1 and Example 2 are exactly the same. As far as your example is concerned, your access list is for incoming traffic.
Sam Li
=========
GNOME <[EMAIL PROTECTED]> wrote in message news:8tk0jn$e29$[EMAIL PROTECTED]...
> Hi All
>
> Which one of the access-list is normally used?
>
> Example 1
> ---------------
> access-list 102 permit tcp any host 172.16.0.1 eq 80
> access-list 102 permit tcp any host 172.16.0.1 eq 53
>
> Example 2
> ---------------
> access-list 102 permit tcp any gt 1023 host 172.16.0.1 eq 80
> access-list 102 permit tcp any gt 1023 host 172.16.0.1 eq 53
> (notice the gt 1023)
>
> I saw from most of the books that Example 1 is common. I don't know what is
> the normal practice generally
> Appreciate if anyone can share with me his/her comments. Thanks a lot
>
> Regards
> Orion
> [EMAIL PROTECTED]
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
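
Added example (not part of the original thread): a small Python evaluator for the subset of extended-ACL syntax used in the two quoted rule sets, run over constructed TCP packets to show which source ports each set matches. The function names and the packet list are assumptions made for illustration.

```python
import ipaddress
import re

# The two rule sets quoted in the thread above, verbatim.
EXAMPLE_1 = ["access-list 102 permit tcp any host 172.16.0.1 eq 80",
             "access-list 102 permit tcp any host 172.16.0.1 eq 53"]
EXAMPLE_2 = ["access-list 102 permit tcp any gt 1023 host 172.16.0.1 eq 80",
             "access-list 102 permit tcp any gt 1023 host 172.16.0.1 eq 53"]

# Covers only the syntax used in the thread:
#   access-list N <action> tcp any [gt PORT] host A.B.C.D eq PORT
RULE = re.compile(r"access-list\s+\d+\s+(permit|deny)\s+tcp\s+any"
                  r"(?:\s+gt\s+(\d+))?\s+host\s+(\S+)\s+eq\s+(\d+)$")

def parse(lines):
    rules = []
    for line in lines:
        m = RULE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, gt, host, dport = m.groups()
        rules.append((action, int(gt) if gt else None,
                      ipaddress.ip_address(host), int(dport)))
    return rules

def evaluate(rules, sport, dst, dport):
    """First matching entry wins; an ACL ends with an implicit deny."""
    dst = ipaddress.ip_address(dst)
    for action, gt, host, port in rules:
        if dst == host and dport == port and (gt is None or sport > gt):
            return action
    return "deny"

# Constructed sample TCP packets: (source port, destination IP, destination port)
PACKETS = [
    (49152, "172.16.0.1", 80),  # client using a high source port
    (1024, "172.16.0.1", 53),   # lowest source port that satisfies "gt 1023"
    (1023, "172.16.0.1", 80),   # source port does not satisfy "gt 1023"
    (53, "172.16.0.1", 53),     # low source port
    (49152, "172.16.0.1", 25),  # destination port listed in neither set
]

def compare():
    a, b = parse(EXAMPLE_1), parse(EXAMPLE_2)
    return [(p, evaluate(a, *p), evaluate(b, *p)) for p in PACKETS]

if __name__ == "__main__":
    for pkt, r1, r2 in compare():
        print(pkt, "example 1:", r1, "| example 2:", r2)
```

The two rule sets give the same verdict for source ports above 1023 and differ only for packets whose source port is 1023 or lower.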