?
Solved

access-list quick Qs

Posted on 2004-10-11
3
Medium Priority
?
151 Views
Last Modified: 2010-04-09
access-list out_in permit tcp any any

The above is bad?  i have a long list of access-lists that allow certain ports to certain IPs... and i noticed that one in there, i don't want this do i?

Also,

How would i allow a range of ports?

i tried

access-list out_in permit tcp any host 70.241.39.10 eq 7000-7020  and a few other variations, but no go.

Thanks,
Nick
0
Comment
Question by:NickUA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 1000 total points
ID: 12286041
Assuming you are talking about a PIX,
No, you don't want anything that says "any any"

For a port range, just change the "eq" to 'range'
0
 
LVL 1

Expert Comment

by:Blackduke77
ID: 12701834
this is the command you want and yes remove that acl as it is allowing every thing in

access-list out_in permit tcp any host 70.241.39.10 range 7000 7020

hope this helps

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13703161
How's it going? Have you found a solution? Do you need more information?
Can you close this question?

http://www.experts-exchange.com/help.jsp#hs5

Thanks for attending to this long-forgotten question.

<-8}
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question