Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
464
Views
5
Helpful
1
Replies

dialer-list question

rmv72
Level 1
Level 1

‎02-05-2004 04:25 AM - edited ‎03-02-2019 01:22 PM

i have next-

access-list 101 permit ip any any

access-list 101 deny tcp any any eq ftp

dialer-list 1 protocol ip list 101

I've thought that ftp traffic will not be forwarded.

But after read next - ".. Remember that once a circuit is up, all traffic can cross. The access-list insn't used to filter the interface but instead filters the startup process". And i begun hesitate.From it following that ftp traffic will be forwarded. Is it right?

Labels:
0 Helpful
1 Reply 1

Georg Pauwen
VIP
VIP

‎02-05-2004 12:34 PM

Hello,

you are right, once the circuit is up, all traffic will be allowed to flow, unless you specify the access-list under the interface as well:

interface BRI0

ip access-group 101 in

In your case, FTP traffic will never be denied because the first line allows all traffic, causing a match, and the second line never to take effect. You have to switch the statements for the access-list to work:

access-list 101 deny tcp any any eq ftp

access-list 101 permit ip any any

HTH,

Georg

Customers Also Viewed These Support Documents