Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

Access list Questions??

thaier1978
Level 1
Level 1

‎02-13-2005 07:07 AM - edited ‎02-20-2020 09:26 PM

Dear All,

Can you explain to me the use of this access lists:

1- permit tcp any any eq domain

2- permit tcp any any eq ftp-data

3- permit tcp any any eq ftp

Thank you,

Thaier

Labels:
0 Helpful
1 Reply 1

Patrick Iseli
Level 7
Level 7

‎02-13-2005 10:33 AM

Hi Thaier,

line 1 permits all DNS Zone transfer for anybody.

line 2 permits all FTP control data for anybody.

line 3 permits all FTP traffic for anybody.

Where have you applied this rule ? The any any statement could be depending on which interface this access-list is applied dangerous.

1.) After the last permit line will follow a deny any any. Note: You cannot see this line !

2.) This lines permits any ftp, ftpdata and zone transfer to all higher security interfaces.

security level outside = 0

security level dmz = 50

security level inside = 100

Example: this access-list would be on the outside interface. Then all internet users can access the protocols open in the access-list. But the internet users just can accees the hosts that have a valid NAT configuration. Note, that you need a static for that.

sincerely

Patrick

0 Helpful
Customers Also Viewed These Support Documents