
ACL list

Mohammed Yusuf
Level 1

Confused on the ACL: when to use tcp host and IP host in the access list, i.e. permit tcp host or IP host.

4 Replies

"tcp" is what it says, just TCP. If you use "permit ip ..." in your ACL you allow all IP-protocols which is TCP/UDP/ICMP/GRE/ESP and so on.

Sorry if I was not clear. I have seen others using permit ip host 172.xx.xx.xx 23 host 192.168.xx.0 2000 and some use it like

permit tcp 172.xx.xx.xx 23 host 192.168.xx.0 2000 so that's what confuses me. There may be an explanation for me to better understand.

Let me ask a question about a firewall rule. Which answer is right and why?

Permit tcp host 10.10.10.254 eq 80 host 10.10.0.2 eq 5000
Permit IP host 10.10.10.254 eq host 10.10.0.2 eq 5000

Which would be the right way to use and why?

Do you have a real example? I assume that the 23 and 2000 should be ports which were allowed with "tcp" when you also use the keyword "eq". With "ip" there are no ports allowed. So it would be really important to know what you are referring to.
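
Added example (not part of the original thread and not Cisco's code): a small Python checker for a simplified subset of extended ACL syntax, showing that port operators such as eq are accepted only with tcp or udp and never with ip. The function names, the numeric-ports-only restriction and the sample entry with bare port numbers are assumptions made for illustration.

```python
# Added example: simplified checker for Cisco-style extended ACL entries.
# Assumption: only "permit|deny PROTO SRC [ports] DST [ports]" with numeric
# ports is modelled; named ports, "established", "log" etc. are out of scope.
PORT_PROTOCOLS = {"tcp", "udp"}   # protocols whose headers carry port numbers
PORT_OPERATORS = {"eq": 1, "gt": 1, "lt": 1, "neq": 1, "range": 2}

def _is_addr(token):
    return token.count(".") == 3

def _take_address(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' and return the remaining tokens."""
    if tokens[:1] == ["any"]:
        return tokens[1:]
    if tokens[:1] == ["host"] and len(tokens) >= 2 and _is_addr(tokens[1]):
        return tokens[2:]
    if len(tokens) >= 2 and _is_addr(tokens[0]) and _is_addr(tokens[1]):
        return tokens[2:]
    raise ValueError("expected 'any', 'host A' or 'A WILDCARD' at: " + " ".join(tokens[:2]))

def _take_ports(tokens, proto):
    """Consume an optional port match; it is only legal for tcp and udp."""
    if not tokens or tokens[0] not in PORT_OPERATORS:
        return tokens
    if proto not in PORT_PROTOCOLS:
        raise ValueError(f"'{tokens[0]}' port match is not valid with protocol '{proto}'")
    count = PORT_OPERATORS[tokens[0]]
    ports = tokens[1:1 + count]
    if len(ports) != count or not all(p.isdigit() for p in ports):
        raise ValueError(f"'{tokens[0]}' needs {count} numeric port value(s)")
    return tokens[1 + count:]

def check_entry(line):
    """Return 'ok' or a description of the first problem found in the entry."""
    tokens = line.lower().split()
    if len(tokens) < 2 or tokens[0] not in ("permit", "deny"):
        return "entry must start with permit or deny followed by a protocol"
    proto, rest = tokens[1], tokens[2:]
    try:
        for _side in ("source", "destination"):
            rest = _take_ports(_take_address(rest), proto)
    except ValueError as err:
        return str(err)
    return "ok" if not rest else "unexpected trailing tokens: " + " ".join(rest)

# The first two entries are quoted from the thread; the last two are constructed.
SAMPLES = ["Permit tcp host 10.10.10.254 eq 80 host 10.10.0.2 eq 5000",
           "Permit IP host 10.10.10.254 eq host 10.10.0.2 eq 5000",
           "permit ip host 10.10.10.254 host 10.10.0.2",
           "permit tcp host 10.10.10.254 23 host 10.10.0.2 2000"]
if __name__ == "__main__":
    for entry in SAMPLES:
        print(f"{entry}\n    -> {check_entry(entry)}")
```

The third sample is the broad form: it matches every IP protocol between the two hosts, so prefer the tcp entry with explicit ports when only one service should pass.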

