Solved

access-list quick Qs

Posted on 2004-10-11
3
145 Views
Last Modified: 2010-04-09
access-list out_in permit tcp any any

The above is bad?  i have a long list of access-lists that allow certain ports to certain IPs... and i noticed that one in there, i don't want this do i?

Also,

How would i allow a range of ports?

i tried

access-list out_in permit tcp any host 70.241.39.10 eq 7000-7020  and a few other variations, but no go.

Thanks,
Nick
0
Comment
Question by:NickUA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12286041
Assuming you are talking about a PIX,
No, you don't want anything that says "any any"

For a port range, just change the "eq" to 'range'
0
 
LVL 1

Expert Comment

by:Blackduke77
ID: 12701834
this is the command you want and yes remove that acl as it is allowing every thing in

access-list out_in permit tcp any host 70.241.39.10 range 7000 7020

hope this helps

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13703161
How's it going? Have you found a solution? Do you need more information?
Can you close this question?

http://www.experts-exchange.com/help.jsp#hs5

Thanks for attending to this long-forgotten question.

<-8}
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PCI Compliance and Open SQL ports 8 86
firewall inside of network 9 87
Which the best UTM recommended ? 2 140
Windows ADHow to restrict port 6881 bit Torrent 3 44
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question