Extended Access list
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2016 11:37 AM - edited 03-08-2019 08:09 AM
Hello,
I would like to know if i could make a rule that would allow certain ports instead of IP's.
The IP would not matter, just the port.
Would something in the lines of this work?
100 permit tcp 192.168.1.0 0.0.0.255 any eq 443
Or even put a range of ports in there?
100 permit tcp 192.168.1.0 0.0.0.255 any range 443,157
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2016 11:46 AM
Yes it is legitimate to create an extended access list which permits any IP and permits or denies based on tcp or udp port. So with the correct syntax both of the examples you suggest could work.
HTH
Rick
Rick
