Extended ACL

sdasgupta
Level 1

Dear All,

Please help me understand the difference between the 2 ACLs mentioned below:

1. access-list 101 permit tcp any any eq 5900

2. access-list 101 permit tcp any eq 5900 any

NB: The requirement is to permit incoming VNC requests for a VLAN, and ACL No. 2 is working for that, but I'm confused about what the difference between these 2 ACLs is... the 1st one is not working for the VNC requirement.

Thanks & Regards,

Sujit

Accepted Solutions

cadet alain
VIP Alumni

Hi,

The difference is that in the first the dst port is 5900 and in the second the src port is 5900.

Where are you applying this ACL and in which direction? Don't forget there is an implicit deny all at the end, so if there is no match on the first ACE then it will match the implicit deny.

For VNC, 5900 is the listening port, so it is the dst port for a client connection.

Regards.

Alain.

Don't forget to rate helpful posts.

bau_saratov
Level 1

1. Permits TCP packets from any source IP address and from any source TCP port to any destination IP address but only to the specified destination TCP port.

2. Permits TCP packets from any source IP address and from the specified TCP port to any destination IP address and any destination TCP port.
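
Added example (not part of the original thread, and not Cisco code): a minimal Python model of first-match ACL evaluation with the implicit deny, run against both ACEs from the question for each direction of a VNC session. The client's ephemeral port 51000 and the function names are assumptions made for the illustration; only `any` addresses and `eq` port matches are modelled.

```python
# Added illustration: a minimal model of how an IOS extended ACL matches TCP ports.
# Handles only the form "access-list N permit|deny tcp any [eq P] any [eq P]".

def parse_ace(line):
    """Parse one ACE into (action, src_port, dst_port); None means any port."""
    tok = line.split()
    if tok[0] != "access-list" or tok[3] != "tcp":
        raise ValueError("unsupported ACE: " + line)
    action, i, ports = tok[2], 4, []
    for _ in ("source", "destination"):
        if tok[i] != "any":
            raise ValueError("only 'any' addresses are modelled")
        i += 1
        if i < len(tok) and tok[i] == "eq":
            ports.append(int(tok[i + 1]))
            i += 2
        else:
            ports.append(None)
    return action, ports[0], ports[1]

def evaluate(acl_lines, src_port, dst_port):
    """First matching ACE wins; no match falls through to the implicit deny."""
    for line in acl_lines:
        action, sp, dp = parse_ace(line)
        if sp in (None, src_port) and dp in (None, dst_port):
            return action
    return "implicit deny"

ACL_1 = ["access-list 101 permit tcp any any eq 5900"]   # dst port 5900
ACL_2 = ["access-list 101 permit tcp any eq 5900 any"]   # src port 5900

# Constructed sample packets: the client uses ephemeral port 51000 (assumed value).
CLIENT_TO_SERVER = (51000, 5900)   # request towards the VNC listener
SERVER_TO_CLIENT = (5900, 51000)   # return traffic from the VNC listener

def summary():
    return {
        name: (evaluate(acl, *CLIENT_TO_SERVER), evaluate(acl, *SERVER_TO_CLIENT))
        for name, acl in (("ACL_1", ACL_1), ("ACL_2", ACL_2))
    }

if __name__ == "__main__":
    for name, (req, rep) in summary().items():
        print(f"{name}: client->server = {req}, server->client = {rep}")
```

Each ACE matches only one direction of the session, so which one appears to "work" depends on the interface and direction where access-list 101 is applied, which is the question raised in the accepted answer.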
