server or the
client open the data connection (TCP)? I assume that in passive mode,
the client opens the connection and in normal mode, the server opens
connection. How is port FTP-DATA used? Is that port always used on the
server side?
access-list 101 permit tcp any host a.b.c.d eq ftp
access-list 101
Hello,
What does this access list do?
neighbor ?.?.?.? route-map ? in
route-map ?-in permit 10
match ip address 5
access-list 5 permit 0.0.0.0
Does it mean permit nothing, or does it mean permit default route? Or
am I way off? I think it's there to block everything.
Thank You,
Hello,
What does this access list do?
neighbor ?.?.?.? route-map ? in
route-map ?-in permit 10
match ip address 5
access-list 5 permit 0.0.0.0
Does it mean permit nothing, or does it mean permit default route? Or
am I way off? I think it's there to block
everything.
Thank You,
to use access list do I need some extra ios feature like IP Plus or
something.
Swapnil Jain
(CNE, MCSE, CCNA)
ICQ# 45074571
___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http
Hi all,
I have a router that has 2 ether interface - 0 and 1. 0 connect to
outside and 1 to inside.
I set up an access list like below:
access-list 101 deny any any
interface Ethernet0
ip access-group 101 in
I expect that will only allow applications like web browser initiate
connection from
when using an extended access-list what is the best way to write the
statement?
int s0
ip acces-group 113
!
access-list 113 deny tcp any host 2xx.7x.2x.4x eq 3000 log
access-list 113 deny tcp any host 2xx.7x.2x.4x eq 3001 log
access-list 113 deny udp any host 2xx.7x.2x.4x 0.0.0.0 eq 3000 any log
hello,
can some one explain the appropriate procedure of both writing an extended
and standard access-list
eventually, i will be responsible for applying acl's on ourproduction
(cisco) routers.
here's what i do know standard acl's reference source addresses and
extended acl'
Hi all,
We have an access-list that has to allow ony DNS and SMTP traffic to come
through. I have configured DNS successfully, but if I configure the Router
to allow SMTP traffic to an internal Host.it does not work. If SMTP has to
pass I have to open all the TCP ports.
Any Sugg. will be
Hi all,
We have an access-list that has to allow ony DNS and SMTP traffic to come
through. I have configured DNS successfully, but if I configure the Router
to allow SMTP traffic to an internal Host.it does not work. If SMTP has to
pass I have to open all the TCP ports.
Any Sugg. will be
Does anyone know of a good resource that explains extended access-list?
I'm having problems understanding how to take a range of networks and
reduce them in number by summarizing them. For example, if I want to
filter out all networks from 24.1.0.0 to 24.20.0.0, how would I
determine
ode, the server port is usually port 20, although
it need not be per the RFC. In passive mode FTP, the server port
is a randomly chosen high-numbered port.
>
> access-list 101 permit tcp any host a.b.c.d eq ftp
> access-list 101 permit tcp any host a.b.c.d eq ftp-data
>
> Wi
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
All,
For some reason I am having problems with a seemingly simple access-list and
any help is extremely appreciated. When I applied the list, It blocked www
access (intranet www worked fine) to all except the BDC and the Exchange
server. I assume I made a mistake with the wildcard mask.
My stub
Hello all,
I have a problem that I want to apply user profile on a dial up user as I use
AS5300 access server. This may be done by a command or by applying access list
on the access server but instead of the source IP I need to use the user
name.
Any help how to do it
Dear all,
I need to restrict my users to be able to use all chat sevrices and have no
browsing or ftp things, how do you think i can built my access list to do
so?
Do I have to mention host addresses or I can control it through opening
access to specific ports only>
Thanks for your help
Hi all,
I was just wondering is there a way to specify a range of ip addresses in an
access list. Say for instance that I am using an RFC1700 address
192.168.100.0/24 and I want to block ip addresses 192.168.100.100 -
192.168.100.254 from going out to 0.0.0.0 do I have to manually do 154
Hi,
I don't think it does much.
I think it will permit all.
Teunis
Hobart, Tasmania
Australia
On Tuesday, January 09, 2001 at 02:52:09 PM, [EMAIL PROTECTED] wrote:
> Hello,
>
> What does this access list do?
>
> neighbor ?.?.?.? route-map ? in
> route-map ?-
gt;
>On Tuesday, January 09, 2001 at 02:52:09 PM, [EMAIL PROTECTED] wrote:
>
>> Hello,
>>
>> What does this access list do?
>>
>> neighbor ?.?.?.? route-map ? in
>> route-map ?-in permit 10
>> match ip address 5
>> access-list 5 permi
I also think it will permit all because in access-list
we use wild card bits and 0.0.0.0 simply means
255.255.255.255 which literally means permit all
hope it helps
suaveguru
--- Jaeheon Yoo <[EMAIL PROTECTED]> wrote:
> Hi, Tony
>
> I think it will permit only default route
Hi, all
Well, this is from cisco site:
To specify a large number of individual addresses more easily, you can
omit the wildcard if it is all zeros. Thus, the following two
configuration commands are identical in effect:
access-list 2 permit 36.48.0.3
access-list 2 permit 36.48.0.3 0.0.0.0
Actually the implied mask is all 0's - so this acl will only permit a route
which is all 0's - or normally the default route.
Kenny
"suaveguru" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I also think it will permi
Hi,
I must be missing the point.
I thought a default route was telling the device go here for all routes I don't know
about. Does that not imply any not excluded and the access-list as I understand it
does not exclude any until the perfit default which I would take to read permi
default route was telling the device go here for all routes I don't know
>about. Does that not imply any not excluded and the access-list as I understand it
>does not exclude any until the perfit default which I would take to read permit any.
>
>Teunis
>Hobart, Tasmania
&
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hi all,
I want to build an access list on a cisco router that
will log all the denied traffic to a file/server. Can
this be done on the implicit deny statement or I have
to define the deny traffic.
Thanks
Adam
__
Do You Yahoo!?
Get email at
Hi
what does the "access-list 100 permit ip host 0.0.0.0 host 0.0.0.0"
applied to an interface do?
Is it only permitting the default route going through ?
Thanks in advanced
Hubert
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstud
Hi
what does the "access-list 100 permit ip host 0.0.0.0 host 0.0.0.0"
applied to an interface do?
Is it only permitting the default route going through ?
Thanks in advanced
Hubert
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstud
Hi,
I am just a beginner. I have a question is that should I need to type
any command to "enable" using ip extended access-list?
It is because when I add an ip access-group for standard access-list on
an interface, it works and no side-effect. But when I add an extended
access-
Hi All
Which one of the access-list is normally use?
Example 1
---
access-list 102 permit tcp any host 172.16.0.1 eq 80
access-list 102 permit tcp any host 172.16.0.1 eq 53
Example 2
---
access-list 102 permit tcp any gt 1023 host 172.16.0.1 eq 80
access-list 102
able to see D, E & F but not Router B
and A.
I need Router A & B to be able to see the full network.
Oh Router C, D, E & F only run CLNS.
My guess is to put an outbound access list of some sort onto Router B. BUT
What type of access list. Is it a protocol type list? If so wha
Jain,
No need ,Just standard Ip OS is ok.
dean
swapnil wrote:
> to use access list do I need some extra ios feature like IP Plus or
> something.
>
> Swapnil Jain
> (CNE, MCSE, CCNA)
> ICQ# 45074571
>
> ___
> UPDATED Posting Guidelines
Hi everybody. I wonder if someone could assist me. I have to add an entry
to an access list with an additional deny all statement at the end so I have
to edit the list and bring it back in. I've used both QVT term and
Hyperterm to access the router. And I've used Note pad and W
I want to create an access list such that a user can ping out and get a
response, but at the same time to be able to not have anyone to ping in. I
tried an access list denying icmp for IN on that interface, but that totally
stops the pings from going out or in. Any assistance on how I can
Hi all
Does any one know if there are any
access lists to configure on the cisco 775 Isdn router?
(I have a cisco 775 for the connection to the Internet and I
want to block ICQ from my LAN)
Jack Svolakis
CCNA, CCDA.
PROTECTED]
Subject: Access list
Hi all,
I have a router that has 2 ether interface - 0 and 1. 0 connect to
outside and 1 to inside.
I set up an access list like below:
access-list 101 deny any any
interface Ethernet0
ip access-group 101 in
I expect that will only allow applications like w
Can someone explain to me how to interrupt the subnet mask for this access
list.
permit udp host 194.72.72.33 194.72.6.160 0.0.0.15
Thank you.
Rose
___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription
I am aware that access lists have a deny all implicitly applied at the end.
I am also aware that if you enable an access list for http access to the
switch there is also an implicit deny all at the end. But my question is
does this also apply to terminal access list?
I would also like to know
hi,
anyone knows how to interpret the access-list below :
access-list 101 160.0.0.0 0.255.255.255 255.0.0.0 0.0.0.0
Jason
___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http
tp://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/s
ecur_c/scprt3/scacls.htm
Bob
- Original Message -
From: David Jackson <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, September 10, 2000 9:06 PM
Subject: Access list
> hello,
>
> can
& Karen Timmons <[EMAIL PROTECTED]>
To: David Jackson <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Sunday, September 10, 2000 9:48 PM
Subject: Re: Access list
> That's a pretty open-ended question. I don't think one could answer this
> in an email. Your
Incidentally, I have read somewhere--possibly this list--that the McGraw
Hill book contains almost all the material necessary to pass the CCNP
Security specialization exam. The only exam material that isn't covered in
the book is PIX firewall information. Just what I've heard.
~Seth~
CCNA, MCSE
AIL PROTECTED]>
Reply-To: David Jackson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Access list
Date: Sun, 10 Sep 2000 21:06:06 -0400
hello,
can some one explain the appropriate procedure of both writing an extended
and standard access-list
eventually, i will be responsible
I have used uncommon subnets vey little, and have forgotten part of my mask stuff.
If I have this:
Access-lst 101 deny ip 192.189.243.64 255.255.255.192 any
I know that the mask is not done the proper way. Can somegive me a refresher on how to get the proper inverse mask for this access
as to when you would ever be
able to get any use out of using a wildcard mask on
the host portion of an IPX address in an access list.
What I mean by that is I can understand its use in IP
since you assign the Network.Host number but since IPX
uses the BIA of the card for the host, the odds of
having
Title: Access List & Catalyst
Hi, all.
Is there a way to implement access-lists on Catalyst ports/VLAN's? Just curios because I could
not find any reference to ACL in the IOS documentation for the switch.
My goal is actually to be able to say to a switch,"Only allow this MAC
Hi Sanjay,
Could you post your list so we can take a look?
Irwin
-Original Message-
From: Sanjay.Padmanabhan
[mailto:[EMAIL PROTECTED]]
Sent: Friday, July 07, 2000 8:02 AM
To: [EMAIL PROTECTED]
Subject: Access-list
Hi all,
We have an access-list that has to allow ony DNS and SMTP
Is there anyway to remove a specific line from an access list without
erasing the entire thing. Thanks in advance.
Best Regards,
Scott M. Trieste
___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription
Title: SMTP access list
Hi, all.
Just to verify my understanding of extended access-lists: this continues to parse the entries even
after a match has already been found, so if the first few lines have a "permit" and later down the last few lines it encounters a "deny", wha
There are several books on the topics and I maintain a list of on-line
resources at http://www.itprc.com/security.htm
Irwin
-Original Message-
From: Ronnie Toolte [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 12, 2000 1:26 PM
To: [EMAIL PROTECTED]
Subject: access-list ?
Does anyone
TECTED]]
> Sent: Wednesday, July 12, 2000 12:26 PM
> To: [EMAIL PROTECTED]
> Subject: access-list ?
>
>
> Does anyone know of a good resource that explains extended
> access-list?
> I'm having problems understanding how to take a range of networks and
> reduce t
following will work for TCP:
access-list 101 tcp permit any 141.120.0.0 0.0.7.255
access-list 101 tcp permit any 141.120.128.0 0.0.7.255
I want to condesnse this to a single statement as follows:
access-list 101 tcp permit any 141.120.0.0 0.0.135.255
Will this work?
For example 141.120.9.2 should
Been trying to put a restrictive access list for telnet on a 3524. The IOS
is not the same as our 6500 (obviously I know) and can't find a good example
on the cisco page! Just want to restrict telnet from this network to this
particular host.
network 172.20.20.x /24
host (the
yes, I see that my wildcard mask is all screwed up, I'm sending this from
home and now I'm not sure if it's just a typo on my part or I actually typed
it in like that on the router ;-(
Tim
"Timothy Metz" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
___
What is this IPX SAP access-list mean ?
access-list 1001 deny 640
access-list 1001 permit
I fund this in a book and I could not find the service type 640.
Thanks
_
Get more from the Web
Is there a Cisco MIB that contains the information of an access-list ?
My aim is to obtain the contain of an access-list (in this case, "IP
precedence" information) in order to get CAR (Commited Access Rate)
statistics on a "class of service" basis.
Moreover, is there someon
, etc with
a Class C mask. The router is also NATing the 10.0.x.0 address
to a Public IP Pool. The client wants to prevent any traffic from
being routed between subnets. (i.e. 10.0.1.0 can not talk to 10.0.2.0 or
10.0.3.0 and vice versa.)
What is the access list to prevent the subnets from
ll have to find out
the ports they use and block those. Don't forget the implicit "Deny All"
that's taken for granted with each access list, so after blocking those
ports you'll have to insert an allow all statement as well.
Hope this helps. Refer to IOS documentation
Are you using a PIX?
""Very Gentle Guy"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear all,
>
> I need to restrict my users to be able to use all chat sevrices and have
no
> browsing or ftp things, how do y
I think you need an extended access list for this. try this and it should
block browsing and ftp'ing and allow all other traffic out of your specified
interface;
Router#conf t
Router(config)#access-list 110 deny tcp to
eq
Router(config)#access-list 110 deny tcp to
eq
Router(config)#a
, Edward Gomez wrote:
> Hi all,
>
> I was just wondering is there a way to specify a range of ip addresses in an
> access list. Say for instance that I am using an RFC1700 address
> 192.168.100.0/24 and I want to block ip addresses 192.168.100.100 -
> 192.168.100.254 from going out to
Edward,
You can configure a single access list for the last 128 addresses (129 thru
254). Then another access list could be used for say 97 thru 128. You need
to think in binary to do this, 100 is not an easy binary number to deal
with!
Regards
James Kilby
s just wondering is there a way to specify a range of ip addresses
in an
> > access list. Say for instance that I am using an RFC1700 address
> > 192.168.100.0/24 and I want to block ip addresses 192.168.100.100 -
> > 192.168.100.254 from going out to 0.0.0.0 do I have
Andy and Edward are both correct. It is much easier if you were trying to
block address that fall on specific subnet blocks. To specifically block
your range 192.168.100.100 - 192.168.100.254 you would need:
The basic concept of access list wildcard masks is that any 0 in the mask
means the
blocks. To specifically block
> your range 192.168.100.100 - 192.168.100.254 you would need:
>
> The basic concept of access list wildcard masks is that any 0 in the mask
> means the address bit has to match, and any 1 in the mask means you don't
> care.
__
hmmm,
perhaps some comments?
depends on your needs, you could...
deny addresses 192.168.100.100 - 255 ?
deny 192.168.100.128/25 denies 128-255
deny 192.168.100.100/30 denies 100-103
deny 192.168.100.104/28 denies 104-119
deny 192.168.100.120/29 denies 120-127
permit all
or you could,
perm
c subnet blocks. To specifically
block
> > your range 192.168.100.100 - 192.168.100.254 you would need:
> >
> > The basic concept of access list wildcard masks is that any 0 in the
mask
> > means the address bit has to match, and any 1 in the mask means you
don't
&
Hi everybody,
I am having an issue with the following access list. I am trying to put an
ACL on my frame router that can limit which network inside my company a
partner
can access. I basically want any traffic coming from 192.168.50.0 to be able
to go to 192.168.5.0. When I apply the access list
The following is an access-list entered on a Cisco router: access-list 135
deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet access-list
135 permit ip any any br>Which of the following would not apply if this
access-list is used to control incoming packets on ethernet 0?
What are the "valid" access-list block sizes?
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hello Everybody,
I would like to insert an access list between two Fastethernet ports at
Cisco 2621 but here the important criteria is there will be no ip routing in
the router just only the bridging protocol must be running.Could it be
possible use access list over the interfaces which are just
At 10:50 AM 1/16/2001 -0800, Adam Wang wrote:
>Hi all,
>
>I want to build an access list on a cisco router that
>will log all the denied traffic to a file/server. Can
>this be done on the implicit deny statement or I have
>to define the deny traffic.
At the bottom of your
I guess you need to explicitly defined in the
access-list as you need a log keyword after each line
of access-list to log activities on access list
suaveguru
--- Adam Wang <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I want to build an access list on a cisco router
> that
Interesting. If I have a named access-list, it would appear I cannot do a
debug
Debug ip packet ?
(1-199) access-list
(1300-2699) access list extended range
detail
(cr)
Chuck
http://www.1112.net/lastpage.html
_
FAQ, list archives, and subscription info
thread?
2. Is it true?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Chuck Larrieu
Sent: Friday, January 19, 2001 11:29 AM
To: Cisco Mail List
Subject: FW: access-list debugs
Interesting. If I have a named access-list, it would appear I cannot do a
debug
""Hubert Pun"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi
>
> what does the "access-list 100 permit ip host 0.0.0.0 host 0.0.0.0"
> applied to an interface do?
I can't think that it would
I think that would let all traffic through
Duck
- Original Message -
From: Hubert Pun <[EMAIL PROTECTED]>
To: Cisco Study Group <[EMAIL PROTECTED]>
Sent: Monday, September 25, 2000 10:16 AM
Subject: access list command
> Hi
>
> what does the "access-list
No getlemen... that access list would actually deny everything by itself.
The reason for this is the symantic mistake in the statement. You have
specified the key word host. This means that it's going to permit your
packet if your host ip is 0.0.0.0 (will never happen) and only if it goes
packets without a 0.0.0.0 source address.
>
>
> > Hi
> >
> > what does the "access-list 100 permit ip host 0.0.0.0 host 0.0.0.0"
> > applied to an interface do?
> >
> > Is it only permitting the default route going through ?
> >
> >
How is the access list used?
access group?
route map?
distribute list?
filter list?
depending on how it's used depends on what it does. It could deny all
traffic. Deny all route updates except the default route, or allow all
routes except default routes.
Before anyone questions that
Hi Group, is there somekind of Access-List How To somewhere that you can
refer me to?
And also, to the ones who helped me install BGP, it works like a charm.
Thank you for your advice!
MGR
**NOTE: New CCNA/CCDA List has been formed. For more information
If you are trying to create an access-list that blocks incoming icmp (pings)
then you must allow icmp echo replies back in. Are you sure you are not
sending pings out and they are simply not allowed to return? Check that
first (with debugs on both ends) Another possibility would be that you
Try this for a start.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c/1cprt2/1cip.htm#xtocid1182915
Martin-Guy Richard wrote:
>
> Hi Group, is there somekind of Access-List How To somewhere that you can
> refer me to?
>
> And also, to the one
Hi,
Once I apply the extended list on an interface for "IN" traffic, is it
implicitly block all incoming traffic on that interface?
I also want to know, for example.
access-list 110 permit tcp any any neq telnet
1. ip access-group 110 in
2. ip access-group 110 out
For 1, the s
ge
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> Once I apply the extended list on an interface for "IN" traffic, is it
> implicitly block all incoming traffic on that interface?
>
> I also want to know, for example.
> access-list 110 permit tcp any any
-Original Message-
From: Abruzzese, John
Sent: Wednesday, September 27, 2000 8:14 AM
To: Raymond Mak
Subject: RE: About access-list
When you apply an access-list to an interface all traffic, for instance
in-bound, is blocked. After specifying what address(s) you wanted to filter
did
Title: Access-list and switching
Hi, group.
Is there a way to implement access-list type of security on Catalyst 2924?
I know that to do Layer -3 switching will need at least the 4000 series.
Short of implementing a VLAN, is there a way I can tell the port or switch to allow only certain IP
53 is only used for zone transfers between a 2ndry and a
primary DNS server. Normal lookups, the type done by the majority of hosts
on the net, use UDP port 53.
Tom
At 10:28 PM 10/30/2000 +0800, GNOME wrote:
>Hi All
>
>Which one of the access-list is normally use?
>
checking the destination port/address is good enough.
Brian
On Mon, 30 Oct 2000, GNOME wrote:
> Hi All
>
> Which one of the access-list is normally use?
>
> Example 1
> ---
> access-list 102 permit tcp any host 172.16.0.1 eq 80
> access-list 102 permit tcp any ho
receive this packet, it will swap their "form port
#" to "destination port #" and vica versa
so the example 1 and example 2 are exactly the same. As far as your example
concern, your access list
is for incoming traffic.
Sam Li
=
GNOME <[EMAIL PROTECTED]> wrot
, January 20, 1980 9:26 PM
To: GNOME; [EMAIL PROTECTED]
Subject: Re: * Access List Enquiry **
I think it is the normal practice because historically that was the only
capability which routers had (filtering on destination ports) and as the
IOS became more capable people were either
I want to allow a particular server to do DNS queries such that when they
type www.cisco.com or something like that, it will go to the specify DNS
server and find the ip address. I have an access list allowing port 53 for
tcp and udp and it doesn't work. Can anyone help. T
ROUTER E
>- ROUTER F
>
>O.k. All routers are level 2 only i.e. all in different domains / areas.
>What I require is for Router C to be able to see D, E & F but not Router B
>and A.
>I need Router A & B to be able to see the full network.
>
>Oh Router C, D, E &am
10.0.0.0. I created an
access-list as follows:
ip access-list extended LAN
deny tcp any any eq telnet
permit ip any any
Applied it to Router B on Fast Ethernet 0 interface this way:
interface FastEthernet0
ip access-group LAN in
ip access-group LAN out
Doing this I really blocked telnet
What mask would be used if you want to create an
access list where the IP addresses (128.252.0.0 to
128.252.240.0) would be blocked
pls support with explanation,
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13564&
hi ,
hi i have made a access list to restrict telnet on my router from other
network but when i implemented on vty it was no working .Pls help
the acesslist wass
access-list 55 permit 202.157.78.0 0.0.0.128
line vty 0 4
access-class 55 in
but it restricted the whole network
Message Posted at
hi ,
hi i have made a access list to restrict telnet on my router from other
network but when i implemented on vty it was no working .Pls help
the acesslist wass
access-list 55 permit 202.157.78.0 0.0.0.128
line vty 0 4
access-class 55 in
i just want that my 202.157.78.0 to 128 should be able to
Folx,
A)I got 2 networks connected by a router.I apply access-group for both in
and out of the interface.
Is my assumption correct?
1)The access list for "in" would be processed when the packet leaves that
interface to diff network?
2)The access list for "out" wou
Title: SMTP access list
I think you need to have the 3rd line because if you do not,
then all other traffic will be denied.
""Shahir Boshra"" <[EMAIL PROTECTED]> wrote in
message 8khoes$ch4$[EMAIL PROTECTED]">news:8khoes$ch4$[EMAIL PROTECTED]...
E
r it's applied, and re-enable it after
the
change (personal experience).
Named Access List Example
The following configuration creates a standard access list named
Internet_filter and an extended access list named
marketing_group:
interface Ethernet 1
ip address 2.0.5.1 255.255.255.0
ip acces
I am not
sure about the correct commands for vty access control. Is the following
command correct to permit any device from network 192.88.54.0 to establish a
virtual terminal session with the router?
line vty 0
4
access-list
12 permit 192.88.54.0 0.0.0.255
line vty 0
4
access
1 - 100 of 817 matches
Mail list logo