Wednesday, May 26, 2021

Cisco ACL Check

Hi all

I have been presented with the following ACL and I am just wondering, are the three denies and final permit even required?

ip access-list extended VOIP
 permit udp host ExternIP eq 5060 host PublicIP
 permit udp host ExternIP eq 5061 host PublicIP
 permit udp host ExternIP eq 5060 host PublicIP
 permit udp host ExternIP eq 5061 host PublicIP
 deny udp any any eq 5060
 deny udp any any eq 5061
 deny udp any any eq 35060
 permit ip any any

I can't quite wrap my head around it, as the initial permits are allowing a specific external IP in, and my assumption is there is an implicit deny anyway?

This is what's on the wan interface.

interface GigabitEthernet0/0
 ip address PublicIP Mask
 ip access-group VOIP in
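
Added example (not part of the original post): a small Python model of top-down, first-match ACL evaluation with the implicit deny, run over the posted ACL and over the same ACL with the three denies and the final permit removed. The addresses standing in for ExternIP and PublicIP, the sample packets and all function names are constructed for illustration.

```python
# Constructed stand-ins for the post's ExternIP / PublicIP placeholders.
EXTERN, PUBLIC, OTHER = "198.51.100.10", "203.0.113.1", "192.0.2.77"

# Rule = (action, proto, src, src_port, dst, dst_port); None means "any".
# The post's two duplicated permit lines are omitted: first match wins,
# so a repeated line can never be reached.
FULL_ACL = [
    ("permit", "udp", EXTERN, 5060, PUBLIC, None),  # "eq" after source = source port
    ("permit", "udp", EXTERN, 5061, PUBLIC, None),
    ("deny", "udp", None, None, None, 5060),        # "eq" after destination = dest port
    ("deny", "udp", None, None, None, 5061),
    ("deny", "udp", None, None, None, 35060),
    ("permit", "ip", None, None, None, None),
]
PERMITS_ONLY = FULL_ACL[:2]  # the ACL with the three denies and final permit removed

def matches(rule, pkt):
    _, proto, src, sport, dst, dport = rule
    if proto not in ("ip", pkt["proto"]):
        return False
    wanted = (src, sport, dst, dport)
    actual = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
    return all(w is None or w == a for w, a in zip(wanted, actual))

def evaluate(acl, pkt):
    """Top-down, first match wins; no match falls to the implicit deny."""
    for rule in acl:
        if matches(rule, pkt):
            return rule[0]
    return "deny"

def packet(proto, src, sport, dport, dst=PUBLIC):
    return {"proto": proto, "src": src, "sport": sport, "dst": dst, "dport": dport}

# Constructed inbound packets arriving on the WAN interface.
SAMPLES = {
    "SIP from ExternIP": packet("udp", EXTERN, 5060, 5060),
    "SIP from unknown host": packet("udp", OTHER, 5060, 5060),
    "ExternIP, ephemeral source port": packet("udp", EXTERN, 40000, 5060),
    "HTTPS reply from unknown host": packet("tcp", OTHER, 443, 51000),
}

def compare():
    return {name: (evaluate(FULL_ACL, p), evaluate(PERMITS_ONLY, p))
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (full, trimmed) in compare().items():
        print(f"{name:34} full={full:6} permits-only={trimmed}")
```

In this model the two versions differ only for traffic that is not UDP to ports 5060, 5061 or 35060: the posted ACL passes it through the final permit, while the permits-only version drops it at the implicit deny.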

