06-14-2018 08:07 PM - edited 03-03-2019 08:49 AM
Hello, can you tell me the difference between these two ACL statements? Usually the port is after the destination address, but I've seen examples of DNS ACLs with the port in between the source and destination. Are DNS ACLs the only ACLs that can be structured this way? Thank you.
access-list 112 permit tcp any any eq domain
access-list 112 permit tcp any eq domain any
06-14-2018 09:07 PM
Hi,
The first entry permits TCP traffic from any source to any destination port 53. The second entry permits TCP from any source on port 53 to any destination.
This is very common in access lists when you want to specify source or destination addresses. If you want to be more granular, you can specify source IP address, source port, destination IP and destination port
e.g.
access-list 112 permit tcp any eq domain any eq domain
Thanks
John
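The three entries in this thread differ only in where `eq domain` sits. The following is an added example, not part of the original posts: a small Python model that reports which sample packets each entry matches. It assumes only the `any` address keyword and the `eq` operator, and the packet values are constructed.

```python
# Added illustration, not IOS itself: models only the "any" address keyword
# and the "eq" port operator of an extended ACL entry.
PORT_NAMES = {"domain": 53}  # IOS keyword "domain" means port 53

def _port(tok):
    return PORT_NAMES[tok] if tok in PORT_NAMES else int(tok)

def parse_ace(line):
    """Parse 'access-list N permit|deny PROTO any [eq P] any [eq P]'."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[4] != "any":
        raise ValueError("unsupported entry: " + line)
    ace = {"action": tok[2], "proto": tok[3], "sport": None, "dport": None}
    i = 5
    if tok[i] == "eq":                    # eq directly after the SOURCE address
        ace["sport"] = _port(tok[i + 1])  # constrains the source port
        i += 2
    if i >= len(tok) or tok[i] != "any":
        raise ValueError("unsupported entry: " + line)
    i += 1
    if i < len(tok) and tok[i] == "eq":   # eq after the DESTINATION address
        ace["dport"] = _port(tok[i + 1])  # constrains the destination port
    return ace

def matches(ace, pkt):
    """True when the packet's protocol and ports satisfy the entry."""
    return (ace["proto"] == pkt["proto"]
            and ace["sport"] in (None, pkt["sport"])
            and ace["dport"] in (None, pkt["dport"]))

# Constructed sample packets (port 51515 is an arbitrary ephemeral port).
PACKETS = {
    "query": {"proto": "tcp", "sport": 51515, "dport": 53},  # client -> DNS server
    "reply": {"proto": "tcp", "sport": 53, "dport": 51515},  # DNS server -> client
    "sport53_to_22": {"proto": "tcp", "sport": 53, "dport": 22},  # not DNS traffic
}
ENTRIES = [
    "access-list 112 permit tcp any any eq domain",
    "access-list 112 permit tcp any eq domain any",
    "access-list 112 permit tcp any eq domain any eq domain",
]

def evaluate():
    """Map each entry to the sorted names of the sample packets it matches."""
    return {e: sorted(n for n, p in PACKETS.items() if matches(parse_ace(e), p))
            for e in ENTRIES}

if __name__ == "__main__":
    for entry, hit in evaluate().items():
        print(f"{entry}\n  matches: {hit}")
```

In this model the source-port entry places no constraint on the destination port, and the entry with `eq domain` on both sides matches neither the sample query nor the sample reply.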
06-15-2018 07:10 PM