HTTP, Telnet, and SMTP all use TCP as the Transport layer
protocol, with port numbers 80, 23, and 25, respectively. The port
numbers listed are the ports on which the host daemon program
listens for requests. When a client PC wants to establish an HTTP
session with a Web server, for example, it will send a TCP request
destined for port 80 addressed to the IP address of the Web server.
The source port number used by the client PC is a random number in
the range of 1024 to 65,535. Each end of the communication will be
identified with an IP address/port pair. In this configuration, we
are not concerned with restricting packets going out onto the
Internet; we are interested only in restricting what comes in. To do
that, we create an access list that permits connections using TCP
ports 80, 23, and 25 to the IP address of the information server
only, and apply that access list to packets inbound on the Serial 0
port of router 1. The access list is created in global configuration
mode as follows:
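An access list matching this description, as an added example that is not the original page's listing. The ACL number 101 and the server address 192.0.2.10 are assumed placeholders; Serial 0 and the three ports come from the text above.

```cisco
! Added example. ACL number 101 and server address 192.0.2.10 are assumed
! placeholders; substitute the information server's real address.
!
! Extended ACL: the source is "any" with no source-port match, because
! clients pick a random source port in the range 1024 to 65,535.
access-list 101 permit tcp any host 192.0.2.10 eq 80
access-list 101 permit tcp any host 192.0.2.10 eq 23
access-list 101 permit tcp any host 192.0.2.10 eq 25
! Every access list ends with an implicit "deny any", so all other
! inbound packets are dropped without a further entry.
!
! Apply the list to packets arriving on Serial 0 of router 1.
interface Serial0
 ip access-group 101 in
```

Running `show access-lists 101` on the router lists the entries with their match counters, which confirms which entry inbound traffic is hitting.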