cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
271
Views
0
Helpful
1
Replies

Extended Access list

Yannick Vranckx
Level 2
Level 2

Hello,

I would like to know if i could make a rule that would allow certain ports instead of IP's.

The IP would not matter, just the port.

Would something in the lines of this work?

100 permit tcp 192.168.1.0 0.0.0.255 any eq 443

Or even put a range of ports in there?

100 permit tcp 192.168.1.0 0.0.0.255 any range 443,157

1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

Yes it is legitimate to create an extended access list which permits any IP and permits or denies based on tcp or udp port. So with the correct syntax both of the examples you suggest could work.

HTH

Rick

HTH

Rick