Hi all,
I thought I was going mad today. In a customer's network I saw the following in an access-list:
access-list 101 permit tcp 1.2.3.4 0.0.0.255 5.6.7.8 0.0.0.255 eq telnet
In the same access-list I found:
access-list 101 permit ip 1.2.3.4 0.0.0.255 any
Now surely this 'permit ip' entry would essentially render any entry above it pointless for that address range because it's just allowing any IP traffic through and it doesn't care if it's TCP or UDP? The 'permit tcp' entry was first but this wasn't just for 'logging'... I feel like perhaps I'm being a little silly here and missing the point?
Also, if I have the following:
access-list 101 permit tcp 1.2.3.4 0.0.0.255 5.6.7.8 0.0.0.255 eq 23
is my return list going to be:
access-list 101 permit tcp 1.2.3.4 0.0.0.255 eq 23 5.6.7.8 0.0.0.255?
I know this is really simple configuration, I've just over-thought it and now completely lost my train of thought.
Thanks for your time,
Adam
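
The overlap asked about in the first question can be checked mechanically. The following is an added example, not part of the original post: a small Python checker that parses extended ACL entries and reports any entry that is fully covered by a later entry with the same action. The function names and the parser are hypothetical, and it assumes only the syntax forms seen above plus `host` and `any`; hit counters and the `log` keyword are not modelled.

```python
from collections import namedtuple
from ipaddress import IPv4Address

# One parsed extended ACL entry; sport/dport are None when no "eq" is present.
Entry = namedtuple("Entry", "action proto src swild sport dst dwild dport")
PORT_NAMES = {"telnet": 23}  # only the port keyword used in the post
ALL = 0xFFFFFFFF

def _endpoint(tokens):
    """Consume 'any' | 'host A' | 'A WILDCARD', then an optional 'eq PORT'."""
    head = tokens.pop(0)
    if head == "any":
        addr, wild = 0, ALL
    elif head == "host":
        addr, wild = int(IPv4Address(tokens.pop(0))), 0
    else:
        addr, wild = int(IPv4Address(head)), int(IPv4Address(tokens.pop(0)))
    port = None
    if tokens[:1] == ["eq"]:
        port = PORT_NAMES.get(tokens[1]) or int(tokens[1])
        del tokens[:2]
    return addr, wild, port

def parse(line):
    tokens = line.split()[2:]  # drop "access-list <number>"
    action, proto = tokens.pop(0), tokens.pop(0)
    return Entry(action, proto, *_endpoint(tokens), *_endpoint(tokens))

def _addr_covers(a, awild, b, bwild):
    # Wildcard 1-bits are "don't care": a must ignore what b ignores, agree elsewhere.
    return (awild | bwild) == awild and ((a ^ b) & ~awild & ALL) == 0

def covers(a, b):
    """True if every packet matched by entry b is also matched by entry a."""
    return ((a.proto == "ip" or a.proto == b.proto)
            and _addr_covers(a.src, a.swild, b.src, b.swild)
            and _addr_covers(a.dst, a.dwild, b.dst, b.dwild)
            and a.sport in (None, b.sport) and a.dport in (None, b.dport))

def redundant(acl_lines):
    """(i, j) pairs: entry i is covered by a later same-action entry j."""
    acl = [parse(line) for line in acl_lines]
    return [(i, j) for i, e in enumerate(acl) for j in range(i + 1, len(acl))
            if covers(acl[j], e)
            and all(m.action == e.action for m in acl[i + 1:j + 1])]

# The two entries quoted in the post.
ACL = ["access-list 101 permit tcp 1.2.3.4 0.0.0.255 5.6.7.8 0.0.0.255 eq telnet",
       "access-list 101 permit ip 1.2.3.4 0.0.0.255 any"]
```

`redundant(ACL)` returns `[(0, 1)]`: the `permit tcp` entry is covered by the `permit ip` entry that follows it. A pair is only reported when every entry between the two has the same action, so an intervening `deny` suppresses the finding.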