We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 638 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

365 New Members signed up the last 30 days!

satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!


Forum Replies

  1. Thank you very much. This is really very good topic and it is very clear to me.

  2. Hello Rene

    Thanks for your feedback, and then, what’s the best way to get the port numbers of some particular applications?

     

    Thanks

    Dong

  3. Hi Dong,

    If you have “well known” applications like HTTP, FTP, telnet, SSH, etc. then it’s easy to look them up. You can google for the RFCs to find the official documentation. Here’s an example for HTTP:

    https://tools.ietf.org/html/rfc2616

    If it’s an application from some vendor, contact them…most of them offer an overview with addresses / protocols / port numbers that should be allowed. Here’s a good example from Airwatch:

    https://www.air-watch.com/downloads/resources/AirWatch-Install-Requirements-SaaS.pdf

    Hope this helps.

    Rene

  4. Hi Rene,

    Can you give me an example of using match not classification ?? and in situation we used it ??

  5. Hello Hussein.

    The match not criterion for a class map matching statement essentially says “anything that doesn’t match what follows”. It is similar to “not equal to” in programming or logic. If we use the example in the lesson, and the command entered was:

    R2(config-cmap)#match not access-group name TELNET

    then the result would be that the policy map would match everything EXCEPT what is found in the access-list named TELNET.
    In other words, the policy would match everything and would not match anything using port 23.

    It is just another tool to be able to ex

    ... Continue reading in our forum

5 more replies! Ask a question or join the discussion by visiting our Community Forum