topic do you have a real example? I in Network Security

ACL list

Mohammed Yusuf — Tue, 12 Mar 2019 04:09:08 GMT

Confused on the ACL, when to use tcp host and IP host in the access list I.e permit tcp host or IP host.

"tcp" is what it says, just

Karsten Iwen — Fri, 02 May 2014 12:08:24 GMT

"tcp" is what it says, just TCP. If you use "permit ip ..." in your ACL you allow all IP-protocols which is TCP/UDP/ICMP/GRE/ESP and so on.

Sorry if I was not clear. I

Mohammed Yusuf — Fri, 02 May 2014 13:40:01 GMT

Sorry if I was not clear. I have seen others using permit ip host 172.xx.xx.xx 23 host 192.168.xx.0 2000 and some use it like

permit tcp 172.xx.xx.xx 23 host 192.168.xx.0 2000 so that what confuses me. there maybe an explanation for me to better understand.

Sorry if I was not clear. I

Mohammed Yusuf — Fri, 02 May 2014 21:00:08 GMT

Sorry if I was not clear. I have seen others using permit ip host 172.xx.xx.xx 23 host 192.168.xx.0 2000 and some use it like

permit tcp 172.xx.xx.xx 23 host 192.168.xx.0 2000 so that what confuses me. there maybe an explanation for me to better understand.

Let me ask a question about a firewall rule. Which answer is right and why? Permit tcp host 10.10.10.254 eq 80 host 10.10.0.2 eq 5000 Permit IP host 10.10.10.254 eq host 10.10.0.2 eq 5000 Which would the right way to use and why?

do you have a real example? I

Karsten Iwen — Fri, 02 May 2014 21:00:09 GMT

do you have a real example? I assume that the 23 and 2000 should be ports which were allowed with "tcp" when you also use the keyword "eq". With "ip" there are no ports allowed. So it would be really important to know what you are referring to.