#access-list 101 permit tcp host 192.168.1.1 10.1.1.0
0.0.0.255 eq 80
#access-list inside-in line 1 extended permit tcp host
192.168.1.1 10.1.1.0 255.255.255.0 eq http
Notes:
- Theoretically ACL and Firewall rule are the same
- Access-list use wildcast mask (stateless packet filtering)
- Firewall rule use subnet mask (stateful packet filtering)
- Same logic apply
- access-list < name or number > permit or deny < from here > < to there >
- zone based, stateful and object are famous features of Cisco ASA firewall.
No comments:
Post a Comment