User's Manual
Example 4.69. Permit TCP
access-list 100 permit tcp any any
access-list 100 deny any any
interface FastEthernet 0 access-group 100 in
interface Wireless 0 access-group 100 in
Example 4.70. Permit TCP for a subnetwork
access-list 100 permit tcp 192.168.1.0 0.0.0.255 any
access-list 100 deny any any
access-list 101 permit tcp any any state established,related
access-list 101 deny any any
interface FastEthernet 0 access-group 100 in
interface Wireless 0 access-group 101 in
Example 4.71. Open various TCP and UDP ports
access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80 state new
access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 110 state new
access-list 100 permit tcp host 192.168.1.25 any eq 25 state new
access-list 100 deny any any
access-list 101 permit tcp any any state established,related
access-list 101 deny any any
interface FastEthernet 0 access-group 100 in
interface Wireless 0 access-group 101 in
Note
TCP rules are usually closed by the rule that permits all established and related packets, which
is necessary for handling TCP connections in most cases.
4.8.1.3. Viewing ACL settings
The show access-list [87] command displays the contents of access control lists.
show access-list [list-id]
87
Configuration