RE: FTP ports

From: Yakout esmat (yesmat@xxxxxxxxxxxxxx)
Date: Sat Jul 13 2002 - 07:58:10 GMT-3


   
The first access-list does not allow any ports greater than 1024, which means
that traffic from the host to the FTP server using any of these ports as source
will be blocked.

The second access-list is more like it; it allows port 20 and also ports
greater than 1024. You might also want to add port 21 for the ftp-control
connection.

Yakout

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jerry Mattos
Sent: Saturday, July 13, 2002 4:36 PM
To: ccielab@groupstudy.com
Subject: FTP ports

Hello y'all,

Quick question regarding FTP: if I set up an access list to allow only an FTP
session, which would be considered more precise, and why?

access-list 101 permit tcp any any range 20 21

or

access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any gt 1023

thanks,

Jerry
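
Added example (not part of the original thread, and not Cisco code): a first-match evaluation of the two access lists from the question against constructed FTP packets. It assumes the list sees packets in both directions, that "ftp" is TCP port 21, and that only the destination port matters because both lists use "any any"; the packet ports are made-up sample values.

```python
# Added example: first-match evaluation of the two ACLs from the thread.
# Entries match on TCP destination port only, because both ACLs use "any any".
FTP_DATA, FTP_CONTROL = 20, 21

# access-list 101 permit tcp any any range 20 21
ACL_RANGE = [("permit", FTP_DATA, FTP_CONTROL)]
# access-list 101 permit tcp any any eq ftp
# access-list 101 permit tcp any any gt 1023
ACL_EQ_GT = [("permit", FTP_CONTROL, FTP_CONTROL), ("permit", 1024, 65535)]

# Constructed sample packets: (description, source port, destination port)
PACKETS = [
    ("control, client to server", 50000, 21),
    ("control, server to client", 21, 50000),
    ("active data, server to client", 20, 50001),
    ("active data, client to server", 50001, 20),
    ("passive data, client to server", 50002, 60000),
    ("passive data, server to client", 60000, 50002),
    ("unrelated TCP service on a high port", 50003, 8080),
]

def evaluate(acl, dst_port):
    """Return the action of the first matching entry, else the implicit deny."""
    for action, low, high in acl:
        if low <= dst_port <= high:
            return action
    return "deny"

def report(acl):
    """Map each sample packet description to the ACL's decision."""
    return {desc: evaluate(acl, dst) for desc, _src, dst in PACKETS}

if __name__ == "__main__":
    for name, acl in (("range 20 21", ACL_RANGE), ("eq ftp + gt 1023", ACL_EQ_GT)):
        print(name)
        for desc, action in report(acl).items():
            print(f"  {action:6} {desc}")
```

The output shows the trade-off behind the question: the range list passes only packets addressed to ports 20 and 21, while the second list passes every FTP flow except packets addressed to port 20, and also any other TCP traffic to a port above 1023.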


