07-25-2018 06:54 AM - edited 02-21-2020 08:01 AM
Hello,
I have a permit statement in my ACL - Access_in_2 permit tcp host X.X.X.1 host X.X.X.2 eq 1068 - but I am getting the following denied statement:
Access_in_2 denied TCP Int_1/X.1(1068) -> Int_2/X.2(63055).
I am not sure why it is getting blocked. If anyone can tell me where I am going wrong, it would be greatly appreciated.
07-25-2018 07:32 AM
In this case, you will need to change the ACL to:
Access_in_2 permit tcp host X.X.X.1 eq 1068 host X.X.X.2
.1 is sending traffic from port 1068 and is being blocked.
07-25-2018 08:59 AM
Thanks Troy.
07-25-2018 09:09 AM
Also, since TCP is inherently bidirectional, check to make sure you're allowing both directions, either explicitly or using the "established" keyword in a separate ACL line.
07-25-2018 09:36 AM
Thanks :)
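The port placement described in the replies above, as an added example that is not part of the original thread: a small first-match evaluator for the ACE shape quoted here, run against a packet constructed from the denied log line and against the opposite direction of the same connection. The function names and the packet dictionaries are assumptions made for illustration; the parser covers only the `host ... [eq port] host ... [eq port]` form shown in the thread.

```python
import re

# Grammar covers only the ACE shape quoted in the thread:
#   <name> permit|deny tcp host <src> [eq <port>] host <dst> [eq <port>]
ACE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<action>permit|deny)\s+tcp\s+"
    r"host\s+(?P<src>\S+)(?:\s+eq\s+(?P<sport>\d+))?\s+"
    r"host\s+(?P<dst>\S+)(?:\s+eq\s+(?P<dport>\d+))?$"
)

def parse_ace(line):
    """Split one ACE into fields; an 'eq' binds to the host it follows."""
    m = ACE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unsupported ACE: {line!r}")
    ace = m.groupdict()
    for key in ("sport", "dport"):
        ace[key] = int(ace[key]) if ace[key] else None  # None = any port
    return ace

def ace_matches(ace, pkt):
    """True when addresses match and every port the ACE specifies matches."""
    return (ace["src"] == pkt["src"] and ace["dst"] == pkt["dst"]
            and ace["sport"] in (None, pkt["sport"])
            and ace["dport"] in (None, pkt["dport"]))

def evaluate(acl_lines, pkt):
    """First matching ACE wins; no match falls through to the implicit deny."""
    for line in acl_lines:
        ace = parse_ace(line)
        if ace_matches(ace, pkt):
            return ace["action"]
    return "deny"

ORIGINAL = ["Access_in_2 permit tcp host X.X.X.1 host X.X.X.2 eq 1068"]
CORRECTED = ["Access_in_2 permit tcp host X.X.X.1 eq 1068 host X.X.X.2"]

# Constructed from the denied log line: source port 1068, destination port 63055.
LOGGED = {"src": "X.X.X.1", "sport": 1068, "dst": "X.X.X.2", "dport": 63055}
# Constructed packet for the opposite direction of the same connection.
REVERSE = {"src": "X.X.X.2", "sport": 63055, "dst": "X.X.X.1", "dport": 1068}

if __name__ == "__main__":
    print("original ACE, logged packet:  ", evaluate(ORIGINAL, LOGGED))
    print("corrected ACE, logged packet: ", evaluate(CORRECTED, LOGGED))
    print("corrected ACE, reverse packet:", evaluate(CORRECTED, REVERSE))
```

The original ACE constrains the destination port, so the logged packet falls through to the implicit deny; the corrected ACE permits it, and the reverse direction still needs its own permit, as the later reply points out.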