Solved: What is the difference between wrting the port no. after source and after destination in ACL

dt2012800 · ‎09-17-2014

What is the difference between wrting the port no. after source and after destination in ACL

ex : permit tcp host 10.1.1.1 eq 1389 10.2.2..0 0.0.255.255

And

permit tcp 10.2.2..0 0.0.255.255 host 10.1.1.1 eq 1389

Akash Agrawal · ‎09-17-2014

permit tcp host 10.1.1.1 eq 1389 10.2.2..0 0.0.255.255

Will permit TCP traffic from source 10.1.1.1 and source port 1389 to destination 10.2.0.0/16

permit tcp 10.2.2..0 0.0.255.255 host 10.1.1.1 eq 1389

will permit TCP traffic to destination ip 10.1.1.1 and destination port 1389 from source pool 10.2..0./16

So port number after source tells about source port and port number after destination tells about destination port

--Pls dont forget to rate helpful posts--

Regards,

Akash

View solution in original post

Akash Agrawal · ‎09-17-2014

permit tcp host 10.1.1.1 eq 1389 10.2.2..0 0.0.255.255

Will permit TCP traffic from source 10.1.1.1 and source port 1389 to destination 10.2.0.0/16

permit tcp 10.2.2..0 0.0.255.255 host 10.1.1.1 eq 1389

will permit TCP traffic to destination ip 10.1.1.1 and destination port 1389 from source pool 10.2..0./16

So port number after source tells about source port and port number after destination tells about destination port

--Pls dont forget to rate helpful posts--

Regards,

Akash

dt2012800 · ‎09-17-2014

Awesome ...!!! Thanks

gargaditya · ‎07-10-2015

But if it is for eg.Telnet traffic..then how do we decide whether it is frm source side or destination side??wont it be telnet communication on both sides??

Joseph W. Doherty · ‎07-10-2015

See your posting: https://supportforums.cisco.com/discussion/12554126/acl-concept#comment-10635031