Solved

Understanding access list entries cisco 2811

Posted on 2006-10-30
4
774 Views
Last Modified: 2013-11-29
Hi all
I need to understand the purpose and function of these entries in my router 2811 cisco:
Please explain each line and what it is doing in my router:


access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123
access-list 101 permit tcp host 209.xx.xxx.xx any eq 123
access-list 101 permit tcp host 66.xxx.xxx.xxx host 64.xxx.xx.xx eq telnet
access-list 101 permit tcp host 64.xxx.xxx.xxxx host 64.xxx.xx.xx eq telnet
access-list 101 permit udp host 216.xxx.x.x eq domain host 64.xxx.xx.xx
access-list 101 permit udp host 216.xxx.xx.xx eq domain host 64.xxx.xx.xx

Thanks
0
Comment
Question by:amanzoor
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
risner_it earned 250 total points
ID: 17839171
this pdf explain in great detail but i will explain one of your for you...http://i.cmpnet.com/nc/907/graphics/access.pdf

access-list 101 permit tcp host 132.xxx.xxx.xxx any eq 123

this is an access-list name 101 that permits tcp host 132.x.x.x to any ip on port 123
0
 
LVL 4

Author Comment

by:amanzoor
ID: 17839292
risner_it:
Thanks for the pdf file really useful, but a beginner like me needs to know what the actual lines are doing in my case;
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 132.xxx.xxx.xxx is not from our domain.
-Please explain what is port 123 stands for and what is it doing, it is my concern as ip address 209.xx.xxx.xxx is not from our domain.
-The two telnets I am sure they belong to our isp, which can access the router in case of emergency change.
-Again what are the last two lines, please note that the 64.xxx.xx.xx is our routers external address.
Help
0
 
LVL 9

Assisted Solution

by:jasonr0025
jasonr0025 earned 250 total points
ID: 17839576
udp port 123 is generally used for NTP "Network time Protocol"-but your access list is stating tcp 123?
A link to general port use of 123 http://www.auditmypc.com/port/udp-port-123.asp
Now for the last two lines "domain" represents dns traffic.  I would have expected to see tcp in that line instead of udp--kinda backwards with the top two's tcp

0
 
LVL 9

Expert Comment

by:jasonr0025
ID: 17839589
the 216.x.x.x addresses in the last 2 lines are probobly dns servers--I should have added this to the above
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Let’s list some of the technologies that enable smooth teleworking. 
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now