Solved

Understanding access list entries cisco 2811

Posted on 2006-10-30
4
780 Views
Last Modified: 2013-11-29
Hi all
I need to understand the purpose and function of these entries in my router 2811 cisco:
Please explain each line and what it is doing in my router:


access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123
access-list 101 permit tcp host 209.xx.xxx.xx any eq 123
access-list 101 permit tcp host 66.xxx.xxx.xxx host 64.xxx.xx.xx eq telnet
access-list 101 permit tcp host 64.xxx.xxx.xxxx host 64.xxx.xx.xx eq telnet
access-list 101 permit udp host 216.xxx.x.x eq domain host 64.xxx.xx.xx
access-list 101 permit udp host 216.xxx.xx.xx eq domain host 64.xxx.xx.xx

Thanks
0
Comment
Question by:amanzoor
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
risner_it earned 250 total points
ID: 17839171
this pdf explain in great detail but i will explain one of your for you...http://i.cmpnet.com/nc/907/graphics/access.pdf

access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123

this is an access-list name 101 that permits tcp host 132.x.x.x to any ip on port 123
0
 
LVL 4

Author Comment

by:amanzoor
ID: 17839292
risner_it:
Thanks for the pdf file really useful, but a beginner like me needs to know what the actual lines are doing in my case;
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 132.xxx.xxx.xxx is not from our domain.
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 209.xx.xxx.xxx is not from our domain.
-The two telnets I am sure they belong to our isp, which can access the router in case of emergency change.
-Again what are the last two lines, please note that the 64.xxx.xx.xx is our routers external address.
Help
0
 
LVL 9

Assisted Solution

by:jasonr0025
jasonr0025 earned 250 total points
ID: 17839576
udp port 123 is generally used for NTP "Network time Protocol"-but your access list is stating tcp 123?
A link to general port use of 123 http://www.auditmypc.com/port/udp-port-123.asp
Now for the last two lines "domain" represents dns traffic.  I would have expected to see tcp in that line instead of udp--kinda backwards with the top two's tcp

0
 
LVL 9

Expert Comment

by:jasonr0025
ID: 17839589
the 216.x.x.x addresses in the last 2 lines are probobly dns servers--I should have added this to the above
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question