[c-nsp] access list help
Steve Bertrand
steve at ibctech.ca
Wed Feb 4 10:22:26 EST 2009
Deric Kwok wrote:
> Hi Steve
>
> Thank you.
>
> I don't understand why I can access http://192.168.0.115
> <http://192.168.0.115/> if this access-list is valid ?
>
> My access list doesn't block www traffic to http://192.168.0.115
> <http://192.168.0.115/>
> but block telnet / www to switch 192.168.0.118
>
> I also don't understand about "access-list 120 permit any any"
What type of switch is this? Please post the output of a:
# sh ip access-list
> If I have hundred access lists, I have to put this "permit any any" at
> the end of each of hundred access-list
Only if you don't permit first, and then let the implicit default deny
rule do its thing.
Steve
More information about the cisco-nsp
mailing list