> Canned configuration:
> access-list xxx permit tcp host A host B eq telnet
> access-list xxx permit tcp host B eq telnet host A gt 1023 established
> access-list xxx permit tcp host A host B eq ftp
> access-list xxx permit tcp host B host A ftp-data
> access-list xxx deny ip any any
>
In case it's relevant to any one, "gt" and "established" could
not be used in the same rule until IOS 10.3.
--
W.C. Epperson "I have great faith in fools.
Chief of Systems Engineering Self-confidence, my friends call it."
Security Officer Emeritus --Edgar Allen Poe--
Curmudgeon-for-Life
Virginia Dept. of Education
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
