deny should come before permit
also to deny ftp not only must you block port 20 but also port 21 (ftp-data)
Jason Yee
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sisqo
Sent: Tuesday, November 14, 2000 11:08 AM
To: [EMAIL PROTECTED]
Subject: acess list question
Access-list 101 permit ip any any
Access-list 101 deny tcp any any eq ftp
Why did the above list FAIL to prevent FTP?
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
