Firewalls: Re: Newbie Cisco Access-List Question

Firewalls
(July 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Newbie Cisco Access-List Question
From:	Karl Janice <KJanice_+a_NYPP_+lKarl_Janice+r%NYPP @ mcimail . com>
Date:	Thu, 11 Jul 96 07:43 EST
To:	firewalls <firewalls @ greatcircle . com>

MHS:   Source date is:      11-Jul-96 08:32 EST

Yes, the order matters.

First come first serve. You would get all ports qt 1023 EXCEPT 2049.

______________________________ Reply Separator _________________________________
Subject: Newbie Cisco Access-List Question
Author:  jshaw (John M. Shaw) { NAME: John M. Shaw | EMS: INTERNET | MBX:
jshaw @
 dttus .
 com } at MCIMAIL
Date:    7/10/96 9:00 AM


     Assuming 2 lines with same source, s-mask, dest, and d-mask:

     access-list 101 permit tcp source s-mask dest d-mask gt 1023
     access-list 101 deny   tcp source s-mask dest d-mask eq 2049

     Which one takes precedence?
     Does the order matter?

     Any help would be greatly appreciated?

Indexed By Date	Previous:	Re: Firewalls-Digest V5 #412 From: Jen Woods <jenw @ choreo . ca>
Indexed By Date	Next:	Re: Dirty dogs From: gunni @ if . is (Gunnar Ingvi Thorisson)
Indexed By Thread	Previous:	Re: Re[2]: Newbie Cisco Access-List Question From: Michel Lavondes <lavondes @ tidtest . total . fr>
Indexed By Thread	Next:	[no subject] From: "Gary G. Hull" <ggh14854 @ ussun2f . glaxo . com>