Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > access range ? Via object group ?

Reply
Thread Tools

access range ? Via object group ?

 
 
barret bonden
Guest
Posts: n/a
 
      09-24-2004
I have to open up a series of port numbers for a proprietary app sever; I
suppose I coiuld do something like

access-list dmz permit tcp any host 192.168.2.149 10000
access-list dmz permit tcp any host 192.168.2.149 10001
access-list dmz permit tcp any host 192.168.2.149 10002
etc...

or
access-list dmz permit tcp any host 192.168.2.149 range 10000 10005

but I've never seen range in any of my books ... do I have the syntax right
? Cisco does site it here but but I'm always cynical ...
http://www.cisco.com/univercd/cc/td/...sw/v_63/cmdref
/ab.htm#wp1067755

could one also use an object group ? Would it be a service ? as in

object group service mightwork tcp
port-object range 10000 10005

and then
access-list dmz permit tcp any host 192.168.2.149 object-group mightwork

?????




 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      09-24-2004
In article <(E-Mail Removed)>,
barret bonden <(E-Mail Removed)> wrote:
:I have to open up a series of port numbers for a proprietary app sever; I
:suppose I coiuld do something like

:access-list dmz permit tcp any host 192.168.2.149 10000
:access-list dmz permit tcp any host 192.168.2.149 10001

No, you would need 'eq' before the port numbers.

r
:access-list dmz permit tcp any host 192.168.2.149 range 10000 10005

That should work.

:but I've never seen range in any of my books ... do I have the syntax right
Cisco does site it here but but I'm always cynical ...

Using a port range on PIX works. Or go ahead and use an object group
if you want: that would give you the flexibility to later use
non-contiguous ranges.
--
Pity the poor electron, floating around minding its own business for
billions of years; and then suddenly Bam!! -- annihilated just so
you could read this posting.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I transform source range to destination range that is thesame as source? Lambda C++ 2 07-16-2008 05:18 PM
range() is not the best way to check range? Summercoolness@gmail.com Python 46 07-25-2006 08:10 PM
Scene range vs dynamic range Robert Feinman Digital Photography 2 07-04-2005 09:30 PM
How do I let people access the internet via an access point but not allow them access to my network yar Wireless Networking 4 09-21-2004 03:48 AM
Range does not take an Range object. Tomoyuki Kosimizu Ruby 3 11-27-2003 12:42 AM



Advertisments