Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
3
Replies

Access-list

SathishkumarSaravanan0348
Level 1
Level 1

‎08-22-2019 10:58 PM

Hi All,

 

I have an query in the ACL for the below.

 

IP access-list Extended Newyear

10 permit tcp 10.125.31.0 0.0.0.63 eq 445 host 20.0.15.2- I have only seen the port number will be written at end followed by the host.

 

What is the meaning of this syntax?

 

 

Labels:
0 Helpful
3 Replies 3

Seb Rupik
VIP Alumni
VIP Alumni

‎08-23-2019 12:25 AM

Hi there,

The ACL simply states it will permit a connection when the source connection uses port TCP/445 and destination port TCP/any.

 

It is unusual to specify the source port but not out of the question.

 

cheers,

Seb.

0 Helpful

GRANT3779
Spotlight
Spotlight

‎08-23-2019 12:37 AM

My understanding of that entry would translate to -

 

A host coming from the 10.125.31.0/26 subnet with a source port of 445 going to a destination of 20.0.15.2 with any tcp port destination.

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-23-2019 12:38 AM

Hello Sathish,

in IP extended ACL the TCP or UDP port is positional:

if provided after the source address it means source TCP/UDP port if provided at the end after destination address it means destination TCP/UDP port.

This is something that is not clear at the beginning.

If traffic is coming from servers the well known port will be a source port, if traffic is going to servers the well known port will be a destination port.

 

Hope to help

Giuseppe

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card