RE: [fw-wiz] Cisco acls
From: Ben Nagy (ben_at_iagu.net)
To: "'Eric Appelboom'" <email@example.com>, <firstname.lastname@example.org> Date: Wed, 2 Mar 2005 10:11:46 +0100
Also, as you paste in the ACL, the protection is applied incrementally (line
by line). A common mistake is to include a rule in the paste which kills the
connection you are pasting from - leading to "half pasted" ACLs.
I used to create new access lists as a separate number, change the 'ip
access-group blah in' statement on the interface where they are applied,
then delete the old one. Then again that's a while ago now, not sure if
there is a funkier way to do it these days.
> -----Original Message-----
> From: email@example.com
> [mailto:firstname.lastname@example.org] On Behalf
> Of Eric Appelboom
> Sent: Tuesday, March 01, 2005 4:53 PM
> To: email@example.com
> Subject: [fw-wiz] Cisco acls
> I would appreciate some comments with regard to the extensive use of
> cisco routers acls
> To protect numerous networks.
> My concern is that when someone amends an access-list one generally
> enters, no access-list 177 and
> Then pastes in the new access list. Does this mean that for a
> period of
> time there is no protection on the
> Network that the acls applies?
> Best Regards
> MWEB: S.A.'s trusted Internet Service Provider. Just Like that.
> To join, click here or call 08600 32000.
> firewall-wizards mailing list
firewall-wizards mailing list