Hello Everybody,
I have a segment that I want only established traffic to enter. This has
become quite confusing. I want ping, telnet, traceroute and DNS replies as
well as FTP. Heres what I currently have. Any feedback would be appreciated.
access-list 101 permit ip any 192.168.0.0 0.0.0.255 ----> Allowing IP
access-list 101 permit tcp any 192.168.0.0 0.0.0.255 established ------->
Allowing established TCP traffic
access-list 101 permit udp any 192.168.0.0 0.0.0.255 gt 1023 ---------->
Allowing DNS replies
access-list 101 permit icmp any any echo-reply ------> Allow ping reply
David Eitel
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1718&t=1718
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
