08-22-2019 10:58 PM
Hi All,
I have a query about the ACL below.
IP access-list Extended Newyear
10 permit tcp 10.125.31.0 0.0.0.63 eq 445 host 20.0.15.2
I have only seen the port number written at the end, followed by the host.
What is the meaning of this syntax?
08-23-2019 12:25 AM
Hi there,
The ACL simply states it will permit a connection when the source connection uses port TCP/445 and destination port TCP/any.
It is unusual to specify the source port but not out of the question.
cheers,
Seb.
08-23-2019 12:37 AM
My understanding of that entry would translate to -
A host coming from the 10.125.31.0/26 subnet with a source port of 445 going to a destination of 20.0.15.2 with any tcp port destination.
08-23-2019 12:38 AM
Hello Sathish,
In an IP extended ACL, the TCP or UDP port is positional:
if provided after the source address, it means the source TCP/UDP port; if provided at the end, after the destination address, it means the destination TCP/UDP port.
This is something that is not clear at the beginning.
If traffic is coming from servers, the well-known port will be a source port; if traffic is going to servers, the well-known port will be a destination port.
Hope to help
Giuseppe
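The positional rule discussed in this thread, as an added example that is not part of any post: a small Python parser and matcher for extended ACL entries, showing which packets the entry from the question permits compared with the destination-port form. The helper names are hypothetical, the second entry is constructed for contrast, and only numeric ports on TCP/UDP entries are handled.

```python
import ipaddress

PORT_OPS = {"eq", "neq", "gt", "lt", "range"}

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok):
    # Address spec: "any", "host A", or "A WILDCARD" -> (base, wildcard)
    t = tok.pop(0)
    if t == "any":
        return (0, 0xFFFFFFFF)
    if t == "host":
        return (_ip(tok.pop(0)), 0)
    return (_ip(t), _ip(tok.pop(0)))

def _port(tok):
    # A port operator binds to the address it directly follows
    if not tok or tok[0] not in PORT_OPS:
        return None
    op = tok.pop(0)
    return (op, [int(tok.pop(0)) for _ in range(2 if op == "range" else 1)])

def parse_ace(line):
    tok = line.split()
    if tok[0].isdigit():
        tok.pop(0)  # sequence number
    ace = {"action": tok.pop(0), "proto": tok.pop(0)}
    ace["src"], ace["sport"] = _addr(tok), _port(tok)
    ace["dst"], ace["dport"] = _addr(tok), _port(tok)
    return ace

def _addr_ok(spec, ip):
    base, wild = spec
    care = ~wild & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
    return (_ip(ip) & care) == (base & care)

def _port_ok(spec, port):
    if spec is None:
        return True  # no operator after the address: any port
    op, v = spec
    return {"eq": port == v[0], "neq": port != v[0], "gt": port > v[0],
            "lt": port < v[0], "range": v[0] <= port <= v[-1]}[op]

def ace_matches(ace, src_ip, sport, dst_ip, dport):
    return (_addr_ok(ace["src"], src_ip) and _port_ok(ace["sport"], sport)
            and _addr_ok(ace["dst"], dst_ip) and _port_ok(ace["dport"], dport))

THREAD_ACE = parse_ace("10 permit tcp 10.125.31.0 0.0.0.63 eq 445 host 20.0.15.2")
DST_FORM = parse_ace("10 permit tcp 10.125.31.0 0.0.0.63 host 20.0.15.2 eq 445")  # constructed
```

With the entry from the question, a packet from 10.125.31.10 with source port 445 matches regardless of its destination port on 20.0.15.2, while a connection from that subnet to 20.0.15.2 port 445 from an ephemeral source port does not.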