Solved

access-list quick Qs

Posted on 2004-10-11
3
142 Views
Last Modified: 2010-04-09
access-list out_in permit tcp any any

The above is bad?  i have a long list of access-lists that allow certain ports to certain IPs... and i noticed that one in there, i don't want this do i?

Also,

How would i allow a range of ports?

i tried

access-list out_in permit tcp any host 70.241.39.10 eq 7000-7020  and a few other variations, but no go.

Thanks,
Nick
0
Comment
Question by:NickUA
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12286041
Assuming you are talking about a PIX,
No, you don't want anything that says "any any"

For a port range, just change the "eq" to 'range'
0
 
LVL 1

Expert Comment

by:Blackduke77
ID: 12701834
this is the command you want and yes remove that acl as it is allowing every thing in

access-list out_in permit tcp any host 70.241.39.10 range 7000 7020

hope this helps

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13703161
How's it going? Have you found a solution? Do you need more information?
Can you close this question?

http://www.experts-exchange.com/help.jsp#hs5

Thanks for attending to this long-forgotten question.

<-8}
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question