CISCO question

Posted on 2006-05-13
Last Modified: 2013-11-29
The compnay network admin want to prevent computers on the subnet from accessing the subnet via FTP. All other hosts should be allowed to access. What commands should be entered on the router to accomplish this task?

need some explanation for the answer. thanks for thoses people who answer this question.
Question by:ittechlab
    LVL 12

    Accepted Solution

    access-list 2101 deny tcp eq 21
    access-list 2101 permit ip any any
    int (interface where sits)
    ip access-group 2101 in

    Author Comment

    I don't why the following answer is right?

    access-list 101 deny tcp eq ftp
    Router(config)#access-list 101 permit ip any any
    Router(config)#interface fa0/0
    Router(config-if)#ip access-group 101 in
    LVL 12

    Expert Comment

    ftp is tcp/21; I just specified it explicitly since ftp-data could factor in, etc.

    Access-list number doesn't matter, as long as it's not in use for some other purpose and you choose a valid number in the extended IP ACL range.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    The article explains the protocols and technology which is involved when two computers on different TCP/IP networks communicate with each other. In the diagram, a router is used to segregate two networks. The networks are and 192…
    Let’s list some of the technologies that enable smooth teleworking. 
    Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now