Access-list: combine TCP and UDP ?

Discussion in 'Cisco' started by JF Mezei, Aug 23, 2009.

  1. JF Mezei

    JF Mezei Guest

    say I have:

    access-list 101 tcp deny any any eq 53
    access-list 101 udp deny any any eq 53

    Is there a way to combine this into a single entry in the access list ?
    Seems wasteful to have to duplicate access list entries to cover both
    TCP and UDP accesses.
    JF Mezei, Aug 23, 2009
    1. Advertisements

  2. JF Mezei

    Uli Link Guest

    Uli Link, Aug 23, 2009
    1. Advertisements

  3. JF Mezei

    Trendkill Guest can deny ip any any, so I would try:

    access-list 101 deny ip any any eq 53

    Never tried it....let me know if it works.
    Trendkill, Aug 23, 2009
  4. JF Mezei

    Uli Link Guest

    Nope, that's what I tested on IOS 12.4 mainline just before my reply,
    and the "eq" wasn't available.
    Uli Link, Aug 23, 2009
  5. JF Mezei

    Trendkill Guest

    Good call, did not think of it that way. Written a ton of ACLs over
    the years, but never really thought about ip vs. a specific protocol
    in terms of the modifiers. Thx.
    Trendkill, Aug 24, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.