?
Solved

Understanding access list entries cisco 2811

Posted on 2006-10-30
4
Medium Priority
?
796 Views
Last Modified: 2013-11-29
Hi all
I need to understand the purpose and function of these entries in my router 2811 cisco:
Please explain each line and what it is doing in my router:


access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123
access-list 101 permit tcp host 209.xx.xxx.xx any eq 123
access-list 101 permit tcp host 66.xxx.xxx.xxx host 64.xxx.xx.xx eq telnet
access-list 101 permit tcp host 64.xxx.xxx.xxxx host 64.xxx.xx.xx eq telnet
access-list 101 permit udp host 216.xxx.x.x eq domain host 64.xxx.xx.xx
access-list 101 permit udp host 216.xxx.xx.xx eq domain host 64.xxx.xx.xx

Thanks
0
Comment
Question by:amanzoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
risner_it earned 1000 total points
ID: 17839171
this pdf explain in great detail but i will explain one of your for you...http://i.cmpnet.com/nc/907/graphics/access.pdf

access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123

this is an access-list name 101 that permits tcp host 132.x.x.x to any ip on port 123
0
 
LVL 4

Author Comment

by:amanzoor
ID: 17839292
risner_it:
Thanks for the pdf file really useful, but a beginner like me needs to know what the actual lines are doing in my case;
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 132.xxx.xxx.xxx is not from our domain.
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 209.xx.xxx.xxx is not from our domain.
-The two telnets I am sure they belong to our isp, which can access the router in case of emergency change.
-Again what are the last two lines, please note that the 64.xxx.xx.xx is our routers external address.
Help
0
 
LVL 9

Assisted Solution

by:jasonr0025
jasonr0025 earned 1000 total points
ID: 17839576
udp port 123 is generally used for NTP "Network time Protocol"-but your access list is stating tcp 123?
A link to general port use of 123 http://www.auditmypc.com/port/udp-port-123.asp
Now for the last two lines "domain" represents dns traffic.  I would have expected to see tcp in that line instead of udp--kinda backwards with the top two's tcp

0
 
LVL 9

Expert Comment

by:jasonr0025
ID: 17839589
the 216.x.x.x addresses in the last 2 lines are probobly dns servers--I should have added this to the above
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question